Popular WordPress redirect plugin hid dormant backdoor for years

The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that ...

Just in time for the Trump-Xi summit

After compromising the sever, Shadow-Earth-053 installs web shells - Godzilla is a commonly used one with this and other ...
PCQuest

7 best hacking tools in 2026 every ethical hacker should know

See the top ethical hacking tools for 2026, from Nmap to Burp Suite, and learn how security teams test, audit, and defend ...
The Hacker News

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

SMS blasters, npm supply chain hits, and unpatched Windows flaws. Stay ahead of new phishing kits and exposed servers.
CoinDesk

Wasabi Protocol drained of $4.5 million in apparent admin key compromise

The exploit used a similar playbook as Drift's $285 million breach earlier this month — a compromised deployer key with no ...