Security expert re: 600,000 WordPress sites attacked due to critical vulnerability (RCE flaw)

More than 600,000 WordPress sites running vulnerable File Manager plugin versions are being attacked due to a critical remote code execution flaw,  and the attackers have also been seen protecting the sites they compromised from other bad actors’ attacks.


EXPERTS COMMENTS
Timothy Chiu, Vice President of Marketing,  K2 Cyber Security
September 11, 2020
The site is compromised, and the attacker was successful exploiting a flaw that has a released fix.
This latest critical vulnerability in a WordPress plugin, a remote code execution flaw, is one of the most dangerous vulnerabilities because it gives the attacker the ability to run almost any code on the hacked site. While it's interesting that attackers have taken this one step further, protecting their malicious files they've written to the compromised sites, the end result is still the same: ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article