Global CyberSecurity

New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3

By OTC 03/07/2024

Post Views: 419

Published on 03/07/2024 – Last Updated on 03/08/2024 by OTC

In January, my colleague reported about a new Balada Injector campaign found exploiting a recent vulnerability in the widely-used Popup Builder WordPress plugin which was initially disclosed back in November, 2023 by Marc Montpas.

In the past three weeks, we’ve started seeing an uptick in attacks from a new malware campaign targeting this same Popup Builder vulnerability. According to PublicWWW, over 3,300 websites have already been infected by this new campaign. Our own SiteCheck remote malware scanner has detected this malware on over 1,170 sites.

Continue reading New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3 at Sucuri Blog.

Comments

Comments are closed.

More in Global CyberSecurity

Global CyberSecurity

New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3

Virtual tour of all warships displayed at DIMDEX 2024 Naval Defense Exhibition Doha Qatar

Sucuri WordPress Plugin Updates for 2024

Comments

More in Global CyberSecurity

PHP Reinfector and Backdoor Malware Target WordPress Sites

Malware Steals Account Credentials

2024 Credit Card Theft Season Arrives

Cyber-Space

Simple Include Statement Hides Casino Spam

PHP Reinfector and Backdoor Malware Target WordPress Sites

Malware Steals Account Credentials

PHMC GPE LLC

Social EYK

Economy & Finance

Virtual tour of all warships displayed at DIMDEX 2024 Naval Defense Exhibition Doha Qatar

Sucuri WordPress Plugin Updates for 2024

You may also like

Comments

More in Global CyberSecurity

Cyber-Space

PHMC GPE LLC

Social EYK