PC World

Cookies open WordPress accounts to easy hijacking

If you’re a WordPress.com user you’ll want to be extra cautious the next time you’re tempted to whip up a blog post from your local coffee shop. If anyone on the same open connection is using a ...
eWeek

WordPress Gets Flagged for Insecure Cookie Risk

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. The open-source WordPress blogging and content management ...
HotHardware

WordPress Sees Google's Controversial FLoC Browser Cookie Replacement As A Security Threat

Google is on a mission to crumble the third-party cookie infrastructure that the web is largely based on, as it relates to lucrative targeted advertising efforts, and rebuild things with an initiative ...
Threat Post

Session Hijacking, Cookie-Stealing WordPress Malware Spotted

Researchers spotted a strain of cookie stealing malware, injected into a legitimate JavaScript file, masquerading as a WordPress core domain. Researchers have identified a strain of cookie stealing ...
Bleeping Computer

Malware Uses Fake WordPress API Domain to Steal Sensitive Cookies

Security researchers from Sucuri have found hacked WordPress sites that were altered to secretly siphon off cookies for user and admin accounts to a rogue domain imitating the WordPress API. The ...
Bleeping Computer

WordPress Cookie Consent Plugin Fixes Critical Flaw for 700K Users

Critical bugs found in the WordPress GDPR Cookie Consent plugin used by over 700,000 websites allow potential attackers to delete and change content and inject malicious JavaScript code due to ...
ZDNet

Hackers are creating backdoor accounts and cookie files on WordPress sites running OneTone

Hackers are actively targeting WordPress sites running the OneTone theme to exploit a vulnerability that allows them to read and write site cookies and create backdoor admin accounts. The campaign has ...