AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
GitHub

A list of funny and tricky JavaScript examples

JavaScript is a great language. It has a simple syntax, large ecosystem and, what is most important, a great community. At the same time, we all know that JavaScript is quite a funny language with ...
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Formidable Forms Flaw Lets Attackers Pay Less For Expensive Purchases

Formidable Forms WordPress flaw enables unauthenticated attackers to pay a small amount and have a more expensive transaction marked as paid.
SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

A vulnerability in the Ally WordPress plugin exposes over 200,000 websites to sensitive information disclosure via SQL queries.
GitHub

Bootstrap Gutenberg Blocks for WordPress

Bootstrap Gutenberg Blocks for WordPress. This plugin adds Bootstrap components and layout options as Gutenberg blocks. Fluid: If enabled the container will use the full available width, spanning the ...