Bleeping Computer

Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. OttoKit (formerly SureTriggers) ...

Hackers exploiting WordPress membership plugin bug to create admin accounts

A popular WP plugin can be abused to take over websites and thousands of sites are vulnerable.
TechCrunch

US charges admins of Garantex for allegedly facilitating crypto money laundering for terrorists and hackers

The U.S. Department of Justice announced on Friday criminal charges against the administrators of the Russian cryptocurrency exchange Garantex for allegedly facilitating money laundering by criminal ...
Hosted on MSN

Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

WordFence disclosed critical RCE flaw (CVE-2025-6389) in Sneeit Framework plugin, affecting versions ≤8.3 Exploitation allows attackers to create admin accounts, install malicious plugins, and hijack ...