Bleeping Computer

Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. OttoKit (formerly SureTriggers) ...
The Hacker News

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as ...
GitHub

Az.Accounts v3.0.4 givimg warning in Azure Automation with PowerShell 5.1 runbooks

Azure Automation allows customers to run PowerShell scripts as runbooks. We recently published a new Docker image for PowerShell 5.1 with Az module version 11.2.0, which includes Az.Identity v3.0.4.
The Hacker News

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts

Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected ...