From The Hacker News – Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

From The Hacker News – Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

More than 17,000 WordPress websites have been compromised in the month of September 2023 with malware known as Balada Injector, nearly twice the number of detections in August. Of these, 9,000 of the websites are said to have been infiltrated using a recently disclosed security flaw in the tagDiv Composer plugin (CVE-2023-3169, CVSS score: 6.1) that could be exploited by unauthenticated users to
From The Hacker News – PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS

From The Hacker News – PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS

An ad fraud botnet dubbed PEACHPIT leveraged an army of hundreds of thousands of Android and iOS devices to generate illicit profits for the threat actors behind the scheme. The botnet is part of a larger China-based operation codenamed BADBOX, which also entails selling off-brand mobile and connected TV (CTV) devices on popular online retailers and resale sites that are backdoored with an