Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
PC Magazine

Facebook's In-App Browser Injects JavaScript Into Third-Party Websites

Fastlane founder Felix Krause has revealed that Facebook and Instagram's in-app browsers inject JavaScript into third-party websites. Krause originally said the in-app browsers were injecting the Meta ...
Dark Reading

JavaScript Injection Attack Infects 'Hundreds of Thousands' of Websites

Websense Security Labs yesterday reported a new JavaScript injection attack that has infected "hundreds of thousands" of Websites, including a United Nations site and some UK government sites. Web ...
Hosted on MSN

WordPress malware uses Steam profile comments for command and control

Security researchers from GoDaddy found a cheeky new malware campaign that used comments made by Steam Community accounts as command-and-control (C2) infrastructure. Here is how the attack plays out: ...