A new Balada Injector campaign used known WordPress plugin and theme vulnerabilities to hack over 17,000 websites during September 2023. Threat actors exploited the CVE-2023-3169 cross-site scripting (XSS) vulnerability in tagDiv Composer. Composer is a tool for the tagDiv’s Newspaper and Newsmag WordPress themes. Both themes are paid for and used by 155,500 websites. The […]
The post Balada Injector Malware Hits More Than 17,000 WordPress Sites appeared first on Heimdal Security Blog.
This article has been indexed from Heimdal Security Blog