Hackers Target 1.3 Mn WordPress Sites Steal Database Logins

Cybercriminals targeted around 1.3 million WordPress websites in a single day to steal database login credentials. It is found that hackers tried to steal config files by exploiting known XSS vulnerabilities in WordPress plugins and themes, according to a security alert issued by cybersecurity firm Wordfence.

The researchers stated that attackers tried to download the wp-config.php WordPress configuration file which contains connection details, authentication unique keys, and salts along with database credentials. In case attackers successfully exploited any vulnerable…

More Info

About mblog.my

Check Also

Goodbye, ManageWP.org; Hello, WP Content – WordPress Tavern

Yesterday, Iain Poulson and Ashley Rich launched community-curated, news-sharing site WP Content. The launch comes …