WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...
The Next Web

A WordPress plugin sold to 15,000 sites has a flaw that lets anyone create an admin account, and attackers are already using it

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create admin accounts on 15,000+ WordPress sites. Wordfence blocked 2,858 attacks in 24 hours.
The Caledonian-Record

WP Engine Enhances Global Edge Security With Bot Management to Control AI-Driven Website Traffic

WP Engine, a global web enablement company providing premium products and solutions for websites built on WordPress® 1, today ...
The Citizen

9 ways South Africans can earn money online and how much they pay

The online economy is opening doors for young people ‒ but success depends on using credible platforms and building the right ...
Memeburn

12 Best AI Website Builders in 2026: Which Ones Win?

The best AI website builders promise fast site creation, but which actually deliver? We tested 12 platforms in 2026 for SEO, ...
Techlomedia

Nearly 2,000 WordPress Websites Infected by Malware Using Steam Profiles

A new malware campaign has compromised nearly 2,000 WordPress websites by using Steam Community profile comments to hide ...

WordPress malware campaign hides payloads in Steam profiles

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
SecurityWeek

WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites

A vulnerability in the WP Maps Pro WordPress plugin has been exploited to create admin accounts and take over vulnerable sites.
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...
Infosecurity Magazine

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

A critical vulnerability in the Everest Forms Pro plugin for WordPress has been actively exploited to hijack vulnerable ...