安全攻防 None 流行的 WordPress 插件脚本被篡改,在网站上植入隐藏后门 An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPu the attacker files 2026-06-15 info@thehackernews.com (The Hacker News)
安全攻防 None LiteSpeed cPanel 插件 CVE-2026-48172 被利用以 root 身份运行脚本 A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation cPanel attacker maximum 2026-05-23 info@thehackernews.com (The Hacker News)
安全攻防 None 思科修补了 CVSS 10.0 安全工作负载 REST API 缺陷,从而实现数据访问 Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthen could attacker vulnerability 2026-05-22 info@thehackernews.com (The Hacker News)