The Next Web

A WordPress plugin sold to 15,000 sites has a flaw that lets anyone create an admin account, and attackers are already using it

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create admin accounts on 15,000+ WordPress sites. Wordfence blocked 2,858 attacks in 24 hours.

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
SecurityWeek

WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites

A vulnerability in the WP Maps Pro WordPress plugin has been exploited to create admin accounts and take over vulnerable sites.
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
Infosecurity Magazine

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

A critical vulnerability in the Everest Forms Pro plugin for WordPress has been actively exploited to hijack vulnerable ...
Investopedia

Comprehensive Guide to Aggregate Functions: Definition and Examples

Adam Hayes, Ph.D., CFA, is a financial writer with 15+ years Wall Street experience as a derivatives trader. Besides his extensive derivative trading expertise, Adam is an expert in economics and ...
Lifehacker

The Fastest Way to Talk to a Real Person at Amazon Customer Service

Daniel is Lifehacker's Shopping Editor covering tech deals and reviewing TVs, headphones, speakers, and projectors. He earned his master’s in journalism from Columbia University and has reported for ...
SecurityWeek

Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs

Hundreds of thousands of websites are potentially exposed to attacks exploiting two vulnerabilities in the Kirki and Burst Statistics WordPress plugins, Defiant warns. Kirki provides website and ...