Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors.
“Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed,” c/side researcher Himanshu Anand said in a Wednesday analysis.
The malicious JavaScript code has been found to be served via cdn.csyndication[
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2025-03-06 11:07:392025-03-06 11:07:39AIceberg Gets $10 Million in Seed Funding for AI Security Platform
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2025-03-06 10:06:552025-03-06 10:06:55Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally.
The individuals include two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, Anxun
Cybercriminals are ramping up their efforts in the Kingdom and targeting more than just petroleum firms; now, they’re aiming for Middle East organizations in the IT, government, construction, and real estate sectors too.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2025-03-06 07:07:062025-03-06 07:07:06Ransomware Attacks Build Against Saudi Construction Firms
The threat actor, of unknown origin, is deploying a proprietary backdoor malware known as “Sagerunex” against critical infrastructure in Hong Kong, Philippines, Taiwan, and Vietnam.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2025-03-06 03:06:592025-03-06 03:06:59Espionage Actor ‘Lotus Blossom’ Targets South East Asia
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2025-03-05 23:07:022025-03-05 23:07:02SimilarWeb data: This obscure AI startup grew 8,658% while OpenAI crawled at 9%
The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2025-03-05 22:07:042025-03-05 22:07:04Two decades of visitor data at the Toronto Zoo stolen in cyberattack
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
/in General NewsOver 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors.
“Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed,” c/side researcher Himanshu Anand said in a Wednesday analysis.
The malicious JavaScript code has been found to be served via cdn.csyndication[
The Hacker News – Read More
AIceberg Gets $10 Million in Seed Funding for AI Security Platform
/in General NewsAIceberg has launched a solution that helps governments and enterprises with the safe, secure and compliant adoption of AI.
The post AIceberg Gets $10 Million in Seed Funding for AI Security Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks
/in General NewsScans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.
The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations
/in General NewsThe U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally.
The individuals include two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, Anxun
The Hacker News – Read More
Ransomware Attacks Build Against Saudi Construction Firms
/in General NewsCybercriminals are ramping up their efforts in the Kingdom and targeting more than just petroleum firms; now, they’re aiming for Middle East organizations in the IT, government, construction, and real estate sectors too.
darkreading – Read More
Espionage Actor ‘Lotus Blossom’ Targets South East Asia
/in General NewsThe threat actor, of unknown origin, is deploying a proprietary backdoor malware known as “Sagerunex” against critical infrastructure in Hong Kong, Philippines, Taiwan, and Vietnam.
darkreading – Read More
SimilarWeb data: This obscure AI startup grew 8,658% while OpenAI crawled at 9%
/in General NewsSimilarWeb data reveals dramatic AI market upheaval with Deepseek (8,658% growth) and Lovable (928% growth) dominating.Read More
Security News | VentureBeat – Read More
China’s Silk Typhoon APT Shifts to IT Supply Chain Attacks
/in General NewsThe nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft.
darkreading – Read More
Two decades of visitor data at the Toronto Zoo stolen in cyberattack
/in General NewsThe organization also lost years of wildlife conservation research as a result of the January 2024 cyber incident.
The Record from Recorded Future News – Read More
Qualcomm, MediaTek Release Security Fix Bonanza
/in General NewsThe chipmakers patched bugs, mostly critical and high severity, that affect everything from smartphones to TVs to artificial intelligence platforms.
darkreading – Read More