The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Security Boulevard

SmartApeSG Launches Okendo Reviews Supply Chain Attack

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...
Computerworld

Industry

Windows 11: A guide to the updates Here’s what you need to know about the latest updates to Windows 11 as they’re released from Microsoft. Now updated for KB5094126 (Windows 11 24H2 and 25H2) and ...

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
Bleeping Computer

OptinMonster WordPress plugin hacked in CDN supply-chain attack

WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive's content distribution network (CDN). Of the three products, the ...

把真实GitHub仓库转化为可执行终端轨迹!TerminalTraj入选ICML 2026

一个面向终端智能体的大规模轨迹生成管道(pipeline)。 TerminalTraj从真实GitHub仓库出发,自动构建Docker化的可执行环境(Dockerized execution environments),生成与环境对齐的终端相关的任务(terminal tasks) ,并通过可执行的检验代码(executable validation code) 验证Agent是否真正完成任务。