Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages.
ZDNet

Hackers target ad networks to inject cryptocurrency mining scripts

Hackers are now injecting cryptocurrency mining scripts into web advertising platforms to make a quick buck, security researchers have found. Trend Micro wrote in a blog post Wednesday that its ...
Bleeping Computer

Hacked WordPress sites use visitors' browsers to hack other sites

Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors' browsers to bruteforce passwords for other sites. The campaign was first spotted by website ...