Retour

Explorez tous les épisodes du podcast Wordfence Security News

Plongez dans la liste complète des épisodes de Wordfence Security News. Chaque épisode est catalogué accompagné de descriptions détaillées, ce qui facilite la recherche et l'exploration de sujets spécifiques. Suivez tous les épisodes de votre podcast préféré et ne manquez aucun contenu pertinent.

Rows per page:

1–3 of 3

TitreDateDurée
MW WP Form 200K Sites at Risk | Axios Hack | Cisco Breach | Wordfence Security News | March 30, 202603 Apr 202600:07:22

This week in Wordfence Security News (Week of Mar 30, 2026): 

  • Over 200,000 WordPress sites at risk from an unauthenticated arbitrary file move vulnerability in the MW WP Form plugin, allowing full site takeover
  • Massive spike in exploitation attempts targeting the Kali Forms RCE vulnerability, with activity increasing over 60x week-over-week
  • A major supply chain attack compromises the widely used Axios JavaScript library, distributing backdoored versions to developers worldwide Active exploitation of a critical Citrix NetScaler vulnerability enabling session hijacking and potential full appliance compromise
  • European Commission confirms a cloud breach with data theft claims by ShinyHunters
  • Cisco internal development environment breached via poisoned Trivy supply chain attack, exposing source code and credentials

Timestamps:

0:00 Introduction
0:30 MW WP Form Vulnerability
1:15 Kali Forms Exploitation Surge
1:55 Axios Supply Chain Attack
3:20 Citrix NetScaler Active Exploitation
4:57 European Commission Breach
5:50 Cisco Dev Environment Breach
6:47 Wrap up discussion

Story Links:

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.  

Iran-Linked Hackers Breach FBI Director's Email | Wordfence Security News| Week of March 23, 202627 Mar 202600:06:35

This week in Wordfence Security News (Week of Mar 23, 2026): 

  • Same-day exploitation of a critical RCE vulnerability in the Kali Forms plugin, attackers can achieve full admin takeover with a single request
  • Ongoing mass exploitation of the s2Member plugin targeting password reset functionality
  • Breaking News: Iran-linked hackers claim breach of FBI Director Kash Patel’s personal email
  • A critical Cisco firewall management vulnerability exploited as a zero-day by ransomware actors
  • FBI and CISA warn of phishing campaigns targeting messaging app accounts

Timestamps:

0:00 Introduction
0:25 Kali Forms RCE Vulnerability
1:34 s2Member Mass Exploitation
2:20 Breaking News – FBI Email Breach
2:45 Cisco Firewall RCE Exploitation
5:03 Messaging App Phishing Campaigns

Story Links:

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.  

30,000 Sites at Risk, Cisco Zero-Day & Stryker Attack | Wordfence Security News | Week of Mar 9, 202613 Mar 202600:05:43

This week in Wordfence Security News (Week of Mar 9, 2026): 

  • A critical auth bypass in Tutor LMS Pro exposes 30,000+ WordPress sites — attackers can hijack admin accounts via a Google sign-in flaw
  • An unauthenticated SQL injection in Ally (400K+ sites)
  • Microsoft Patch Tuesday with ~80 fixes including AI-related exploits
  • A max-severity Cisco SD-WAN zero-day exploited since 2023
  • Iran-linked group Handala's claimed attack on medical device maker Stryker.

Timestamps:

0:00 Introduction
0:22 Tutor LMS Pro Authentication Bypass
1:31 Ally WordPress Plugin SQL Injection
1:50 Microsoft Patch Tuesday
2:46 Cisco SD-WAN Zero-Day
4:26 Handala Attack on Stryker
5:03 Iranian Drone Strikes on AWS Data Centers

Story Links:

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.  

© My Podcast Data