Tag: Common Vulnerability Scoring System

Cybersecurity

WordPress Security Crisis: Hackers Exploit Thousands of Sites in Sophisticated Malware Campaign

A massive campaign compromised thousands of WordPress websites to distribute malware through blockchain-based infrastructure. The sophisticated operation used social engineering tactics to trick users into executing malicious commands on their systems.

Widespread WordPress Compromises

More than 14,000 WordPress websites were systematically compromised and transformed into malware distribution platforms, according to reports from Google‘s Threat Intelligence Group. The campaign, attributed to threat actor UNC5142, represents one of the most extensive web-based malware operations uncovered in recent years. Security analysts suggest the indiscriminate targeting focused on WordPress installations with vulnerable plugins, theme files, and in some cases, the WordPress database itself.

by Bennett Laura
CybersecuritySoftware Guides

Security Industry Leaders Call for Major Reform of Vulnerability Scoring Systems

Industry experts are calling for substantial reforms to the Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS) frameworks. According to recent analysis, approximately one-third of CVEs may be meaningless, while CVSS scores show significant inconsistency in vulnerability assessments.

Vulnerability Assessment Systems Under Scrutiny

Major cybersecurity vulnerability assessment systems require significant overhaul, according to industry analysis from security company Codific. Sources indicate that both the Common Vulnerabilities and Exposures (CVE) identification system and the Common Vulnerability Scoring System (CVSS) suffer from fundamental flaws that undermine their reliability.

by Bennett Laura