Of Phishing Attacks and WordPress 0days
A recent phishing campaign detected by Cloudflare appears to be using a new WordPress 0day vulnerability. The attack involves sending out emails with links that lead to compromised WordPress sites hosted by Bluehost, which then attempt to collect users' credentials. This is not the first time such an attack has occurred, and it highlights the importance of protecting vulnerable CMS sites to prevent potential victims from being exploited. Cloudflare has worked with Bluehost to identify and neutralize the remaining affected sites in this campaign. Users can stay safe by following tips such as never clicking on links in unsolicited emails, being vigilant about spelling and URLs, and enabling two-factor authentication where possible.
Company
Cloudflare
Date published
April 24, 2015
Author(s)
Marc Rogers
Word count
1974
Hacker News points
None found.
Language
English