The Hacker News

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Researchers expose new WordPress malware and ClickFix phishing kits exploiting cache smuggling for stealth attacks.

Hackers exploit auth bypass in Service Finder WordPress theme

Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to ...
GitHub

[Check] Add more forbidden functions in Generic.PHP.ForbiddenFunctions

These functions are needed to include in our checks so we can discourage their use. They are mainly private and were flagged in the plugin wporg-code-analysis. _cleanup_header_comment _get_plugin_data ...