Beware of botnets taking over WordPress sites for malicious attacks

1 min read


  • Researcher Denis Sinegubko has identified a password-cracking botnet attacking WordPress sites using visitors’ browsers.
  • About 41,800 passwords are being attempted per impacted site.

Security researcher Denis Sinegubko has observed a shift from crypto wallet drainers to brute-force password-cracking attacks on WordPress sites. The attackers are using visitors’ browsers to make thousands of automated password guesses on other WordPress sites, with about 41,800 attempts per impacted site. Sinegubko recommends keeping passwords secure, using NoScript to prevent exploits, and ensuring system-critical passwords are strong for WordPress admins.

Previous Story

FBI, CISA, HHS alert on ALPHV/BlackCat Ransomware threats to healthcare

Next Story

Botnets – unwelcome guests overstaying their welcome at your digital party

Latest from News