WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
SecurityWeek

Everest Forms Vulnerability Exploited to Hack WordPress Sites

Hackers have been exploiting a remote code execution vulnerability in the Everest Forms Pro plugin to take over WordPress ...

Critical Everest Forms Pro flaw exploited to take over WordPress sites

Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
SecurityWeek

Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs

Hundreds of thousands of websites are potentially exposed to attacks exploiting two vulnerabilities in the Kirki and Burst Statistics WordPress plugins, Defiant warns. Kirki provides website and ...
Morning Call PA

The Morning Call

It was the third homicide this year in Allentown, and the second involving a teen victim in the last three weeks.