/plushcap/analysis/cloudflare/of-phishing-attacks-and-wordpress-0days

Of Phishing Attacks and WordPress 0days

What's this blog post about?

A recent phishing campaign detected by Cloudflare appears to be using a new WordPress 0day vulnerability. The attack involves sending out emails with links that lead to compromised WordPress sites hosted by Bluehost, which then attempt to collect users' credentials. This is not the first time such an attack has occurred, and it highlights the importance of protecting vulnerable CMS sites to prevent potential victims from being exploited. Cloudflare has worked with Bluehost to identify and neutralize the remaining affected sites in this campaign. Users can stay safe by following tips such as never clicking on links in unsolicited emails, being vigilant about spelling and URLs, and enabling two-factor authentication where possible.

Company
Cloudflare

Date published
April 24, 2015

Author(s)
Marc Rogers

Word count
1974

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.