Two emails with different gz attachments contain the same chm file, which downloads and launches the malware. Stolen data is exfiltrated through the FTP server of a Bosnian company.
WordPress: Hashthemes Demo Importer has a critical vulnerability. Wordfence cybersecurity experts: The plugin flaw enables any authorized user to entirely wipe a site clean, erasing all of the material and data posted to it.
Hashthemes Demo Importer is a popular WordPress plugin, but it has a critical vulnerability, discovered by Wordfence cybersecurity experts. The flaw enables any authenticated user to wipe a susceptible site clean, erasing all of the material and data posted to it. According to Lifars, the plugin's capability checks for several AJAX operations were inadequate. This allowed low-privileged authenticated users of the site to see the AJAX nonce on the dashboard. As a result, any authenticated attacker could reset the site, even with only subscriber-level access. In the worst-case scenario, a cybercriminal could remove the site's content from the internet altogether.