WordPress malware campaign hides payloads in Steam profiles
18d ago
Source
bskyWordPress malware campaign hides payloads in Steam profilesbleepingcomputer.comWordPressマルウェアキャンペーンが、SteamプロフィールコメントにC2データを隠蔽。約2000サイトが感染。
You might also wanna read
Steam "Offline" status leaks exact login timestamps (Valve: Won't Fix)
xmrcat.org·5mo ago
Analysis of CVE-2026-4020: Coordinated Google Cloud Fleet Exploiting Gravity SMTP WordPress Vulnerability
A detailed technical analysis of CVE-2026-4020, a critical vulnerability in the Gravity SMTP WordPress plugin that exposed sensitive credent
honeylabs.net·3d ago
Malware spreading through Steam Workshop wallpapers targets gamers in China and Russia
Since late 2025, malware has been spreading through Steam Workshop via Wallpaper Engine's live wallpaper sharing feature. Attackers are targ
securelist.com·4d agoA new spam policy for "back button hijacking"
developers.google.com·2mo ago
Large-Scale Supply Chain Attack: 30 WordPress Plugins Purchased and Backdoored
The article details a large-scale supply chain attack on WordPress plugins where an individual purchased 30 plugins and systematically plant
anchor.host·2mo ago
Supply Chain Attack Compromises Official GravityForms Plugin Repository
A supply chain attack compromised the official GravityForms plugin repository, injecting backdoors into legitimate plugin downloads. The bre
patchstack.com·11mo ago