Stealthy WordPress Malware Exploits Mu-Plugins Directory

Attackers are hiding malware in WordPress mu-plugins, bypassing detection and gaining persistent access. Learn how it works and how to secure your site.

🎓️ Vulnerable U | #109

SignalGate, Next.js auth vuln, Kubernetes major RCE bug, Chinese shell companies hiring laid off gov employees, and much more!

Chrome Zero Day CVE-2025-2783 Used in Targeted Attacks

Critical Bugs In Ingress-NGINX Allow Kubernetes Cluster Takeover

Critical Next.js CVE-2025-29927 Flaw Disclosed

🎓️ Vulnerable U | #108

More CISA DOGE drama, US softening on Russia cyber defenses, 60M malware app downloads from Google Play Store, Massive Github supply chain hack, and much more!

Apache Tomcat CVE-2025-24813 Under Attack

CISA Warns of Supply Chain Compromise of tj-actions/changed-files GitHub Action

CISA Adds Apple CVE-2025-24201 to KEV Catalog

🎓️ Vulnerable U | #107

CISA having a bad time, Microsoft and Google Threat Intel full of goodies this week, SSRF on the rise as per GreyNoise, and much more!

Microsoft Disrupts Huge Malvertising Campaign

🎓️ Vulnerable U | #106

US stand down against Russia, Microsoft intel on Silk Typhoon, Some spicy polymorphic malware, a super huge and instantly spun up botnet, and much more!