10 April 2023.
The Hacker News report that more than "one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017".
Sucuri report that the Balada Injector campaign "leverages all known and recently discovered theme and plugin vulnerabilities" to breach WordPress sites. The attacks are known to play out in waves once every few weeks."
More details at the link below.
The global popularity of open source content management systems like Wordpress and Joomla! makes websites using them big targets for hackers to aim at.
Source: The Hacker News.
What can CMS users do to protect their website?
Owners of websites created using a CMS should ensure they are always using the latest available version of their chosen CMS.
And that third party extensions are also the very latest versions.
They should also consider installing a Web Application Firewall.
We recommend Akeeba Admin Tools PRO, which can be configured to:
- password protect the website's Administrator directory, and
- add a secret URL suffix to the address for your website's Dashboard.
Use of its HTACCESS maker function will add further protection from the unwanted attention of hackers.
About The Hacker News
"The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts."
Subscribe to The Hacker News newsletter when you visit the following link.
And keep up to speed with the latest security threats affecting your Operating System, Web Browser and Website.
Make Joomla! CMS Security your #1 Priority
We offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.