CyberSecurity news
FlagThis
Aman Mishra@gbhackers.com
//
ImgSrc: blogger.googleu
References :
ImgSrc: blogger.googleu
Share:
References :
- cyberpress.org: WordPress GravityForms Plugin Targeted in Malicious Code Injection Attack
- gbhackers.com: Hackers Compromise WordPress GravityForms Plugin with Malicious Code Injection
- Ian Campbell: Just a heads-up on this supply chain attack on the Gravity Forms wordpress plugin, one IOC is POST requests to gravityapi[.]org - a 3 day old domain.
- Talkback Resources: WordPress Gravity Forms developer hacked to push backdoored plugins
Classification:
- HashTags: #WordPress #SupplyChainAttack #Malware
- Company: Microsoft
- Target: WordPress sites
- Product: Gravity Forms
- Feature: Code Injection
- Type: Malware
- Severity: Major