Hackers Target 1.3 Mn WordPress Sites Steal Database Logins

Cybercriminals targeted around 1.3 million WordPress websites in a single day to steal database login credentials. It is found that hackers tried to steal config files by exploiting known XSS vulnerabilities in WordPress plugins and themes, according to a security alert issued by cybersecurity firm Wordfence.

The researchers stated that attackers tried to download the wp-config.php WordPress configuration file which contains connection details, authentication unique keys, and salts along with database credentials. In case attackers successfully exploited any vulnerable…


More Info

About mblog.my

Check Also

Re-Creating The New York Times’ Website in Under 30 Minutes Using WordPress.com – WordPress.com News

Re-Creating The New York Times’ Website in Under 30 Minutes Using WordPress.com – WordPress.com News

Using WordPress blocks and the Site Editor to quickly build a lookalike of one of …