Bleeping Computer

Carding tool abusing WooCommerce API downloaded 34K times on PyPI

A newly discovered malicious PyPi package named 'disgrasya' that abuses legitimate WooCommerce stores for validating stolen credit cards has been downloaded over 34,000 times from the open-source ...

Security Researcher: WordPress 7.0 Could Trigger Rush To Steal AI API Keys

WordPress 7.0 exposes AI API keys. Security researcher says there "will be an absolute rush by hackers to steal API keys" ...
Bleeping Computer

WordPress force patching WooCommerce plugin with 500K installs

Automattic, the company behind the WordPress content management system, is force installing a security update on hundreds of thousands of websites running the highly popular WooCommerce Payments for ...
Dark Reading

Attackers Pummel Millions of Websites via Critical WooCommerce Payments Flaw

Attackers have been exploiting a critical flaw in the WordPress WooCommerce Payments plug-in in a spate of attacks over the last few days that peaked at 1.3 million attempts against 157,000 sites on ...