Security Newsletter
13 May 2024
Hackers exploit LiteSpeed Cache flaw to create WordPress admins
Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.
LiteSpeed Cache (LS Cache) is advertised as a caching plugin used in over five million WordPress sites that helps speed up page loads, improve visitor experience, and boost Google Search ranking.
Automattic's security team, WPScan, observed in April increased activity from threat actors scanning for and compromising WordPress sites with versions of the plugin older than 5.7.0.1, which are vulnerable to a high-severity (8.8) unauthenticated cross-site scripting flaw tracked as CVE-2023-40000.
Read More
This content was created by Kindred Group Security. Please share if you enjoyed!
Kindred Group in brief
Kindred Group is one of the world’s leading online gambling operators with business across Europe, US and Australia, offering more than 30 million customers across 9 brands a great form of entertainment in a safe, fair and sustainable environment. The company, which employs about 2,000 people, is listed on Nasdaq Stockholm Large Cap and is a member of the European Gaming and Betting Association (EGBA) and founding member of IBIA (Sports Betting Integrity Association). Kindred Group is audited and certified by eCOGRA for compliance with the 2014 EU Recommendation on Consumer Protection and Responsible Gambling (2014/478/EU). Read more on www.kindredgroup.com.
You can access the previous newsletters at https://news.infosecgur.us
If you no longer wish to receive this newsletter, you can unsubscribe from this list.