AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
NBC News

NBC News Learn

Educational video resources for students, teachers, and lifelong learners. Dr. Monica Rho is the team physician for the U.S. Women's National Soccer Team. She specializes in rehabbing players, using ...
GitHub

nuclei_poc /poc_all /java

The Async Javascript plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '&aj_gtmetrix_username=' and '&aj_gtmetrix_api_key=' parameters in versions up to, and including, 2.20.12 ...
GitHub

css-javascript-toolbox-plugin_1.yaml

The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 8.4.1 by accessing '/wp-content/plugins ...
Cyber Daily

Pressing matter: A global WordPress ClickFix malware campaign is targeting Australian websites

Rapid7 researchers spot a malicious campaign aimed at harvesting credentials and digital wallets from Windows machines.