WordPress sites backdoored after FishPig supply chain attack • The Register

It’s only been a week or so, and obviously there are at least three critical holes in WordPress plugins and tools that are being exploited in the wild right now to compromise loads of websites.

We’ll start with FishPig, a UK-based maker of software that integrates Adobe’s Magento ecommerce suite into WordPress-powered websites. FishPig’s distribution systems were compromised and its products altered so that installations of the code semi-automatically downloaded and ran the Rekoobe Linux trojan.

Infosec outfit Sansec raised the alarm this week that FishPig’s software was acting weird:…


More Info

About mblog.my

Check Also

Malware campaign compromises over 4,500 WordPress sites | SC Media – SC Media

Military-grade xIoT hacking tools are in use, cybercrime for hire that’s predicated on compromised xIoT …

Leave a Reply

Your email address will not be published. Required fields are marked *