WordPress websites under attack — expert report says dozens of plugins hijacked to target thousands of sites

A malicious actor found a struggling WordPress plugin company, bought it, and introduced malware to each product.
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

Malware campaign lures users with fake Windows Update website

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Adobe issues emergency security patch — Reader and Acrobat users need to update now

Adobe patches Acrobat Reader zero‑day exploited since Dec 2025 CVE‑2026‑34621 enabled RCE via malicious PDFs Users must ...