Wordfence Security News #10 - WPMaps Pro Exploited, Palo Alto VPN Bug, and AI Agent-Driven Intrusion

This week in Wordfence Security News (Week of June 1, 2026):

• WP Maps Pro flaw lets unauthenticated attackers forge admin accounts; exploitation began May 19th, before public disclosure.
• Palo Alto PAN-OS GlobalProtect authentication bypass under active attack; CISA added it to KEV with a June 1st federal patch deadline.
• FortiClient EMS exploited post-patch to push EKZ infostealer disguised as a Fortinet update to managed endpoints.
• Sysdig documented the first captured intrusion where an LLM agent drove post-compromise activity in real time via unpatched Marimo.
• Flowise one-click RCE lets a malicious chatflow execute code on import; self-hosted installs at risk via STDIO MCP execution path.

Timestamps:

0:00 Introduction

0:34 WP Maps Pro Unauthenticated Admin Account Creation (CVE-2026-8732)

3:00 Palo Alto PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257)

5:36 FortiClient EMS Exploited to Deliver EKZ Infostealer (CVE-2026-35616)

7:11 First Documented LLM-Agent-Driven Intrusion (Marimo, CVE-2026-39987)

9:32 Flowise One-Click RCE and the MCP stdio Execution Problem (CVE-2026-40933)

Story Links:

• WP Maps Pro Unauthenticated Admin Account Creation (CVE-2026-8732)
• Palo Alto PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257)
• FortiClient EMS Exploited to Deliver EKZ Infostealer (CVE-2026-35616)
• First Documented LLM-Agent-Driven Intrusion (Marimo, CVE-2026-39987)
• Flowise One-Click RCE and the MCP stdio Execution Problem (CVE-2026-40933)

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.

WooCommerce RCE active exploitation, Drupal SQL injection attacks, Microsoft Defender zero-days, Ghost CMS ClickFix campaign, TrapDoor supply chain, Nimbus Manticore backdoor.

This week in Wordfence Security News (Week of May 25, 2025):

• WooCommerce Custom Product Add-ons Pro RCE flaw (CVE-2026-4001) is under active attack, with exploit attempts spiking May 23-27 against the 21,000-install plugin.
• Drupal Core SQL injection (CVE-2026-9082) hit 6,000 sites across 65 countries within 48 hours of patch release, with attackers exploiting PostgreSQL-backend installs.
• Microsoft issued emergency out-of-band Defender patches for two exploited zero-days - RedSun and UnDefend - after a researcher published proof-of-concept exploits without coordinated disclosure.
• Over 700 Ghost CMS sites were compromised via a ClickFix campaign exploiting a SQL injection flaw discovered by Claude Opus 4.6 during Anthropic security testing.
• TrapDoor cross-ecosystem supply chain campaign spread across NPM, PyPI, and Crates.io with 34-plus malicious packages stealing SSH keys, cloud credentials, and crypto wallet data.
• Iranian state-aligned Nimbus Manticore ran three campaign waves since late February, deploying a new AI-assisted MiniFast backdoor via phishing, trojanized Zoom installers, and search engine poisoning.

Timestamps:

0:00 Introduction

0:31 WooCommerce Custom Product Add-ons Pro RCE Active Exploitation

2:06 Drupal Core SQL Injection Active Exploitation

4:37 Microsoft Defender RedSun and UnDefend Zero-Days

7:11 Ghost CMS ClickFix Campaign

9:43 TrapDoor Cross-Ecosystem Supply Chain Campaign

11:43 Nimbus Manticore AI-Assisted MiniFast Backdoor

Story Links:

• WooCommerce Custom Product Addons Pro RCE (CVE-2026-4001)
• Drupal Core SQL Injection (CVE-2026-9082)
• Microsoft Defender RedSun and UnDefend Zero-Days (CVE-2026-41091, CVE-2026-45498)
• Ghost CMS ClickFix Campaign (CVE-2026-26980)
• TrapDoor Cross-Ecosystem Supply Chain Campaign
• Nimbus Manticore AI-Assisted MiniFast Backdoor

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.

This week in Wordfence Security News (Week of May 18, 2026):

• Burst Statistics plugin auth bypass lets unauthenticated attackers impersonate admins; Wordfence blocked 88,000+ requests across 376 sites.
• Microsoft Exchange OWA zero-day XSS flaw under active exploitation with no permanent patch; CISA deadline set for May 29th.
• Cisco Catalyst SD-WAN auth bypass exploited by UAT-8616; CISA gave federal agencies three days to patch under Emergency Directive 26-03.
• ChromaDB pre-auth RCE loads attacker-controlled AI models before the auth check runs; 73% of exposed instances run a vulnerable version.
• Shai-Hulud worm source code released on GitHub by TeamPCP; copycat packages appeared on NPM within days of publication.
• node-ipc npm package with 800,000 weekly downloads was compromised via an attacker re-registering a maintainer's expired email domain.

Timestamps:

0:00 Introduction
0:37 Burst Statistics Auth Bypass Threatens 200K WordPress Sites
2:52 Microsoft Exchange OWA Zero-Day Under Active Exploitation
5:24 Critical Cisco Catalyst SD-WAN Controller Auth Bypass Under Attack
7:11 ChromaDB Pre-Auth RCE Allows AI Vector Database Server Takeover
9:24 Shai-Hulud Worm Source Code Released on GitHub
11:02 node-ipc npm Package Compromised via Expired Maintainer Domain

Story Links:

• Burst Statistics Auth Bypass Threatens 200K WordPress Sites: https://www.wordfence.com/blog/2026/05/200000-wordpress-sites-at-risk-from-critical-authentication-bypass-vulnerability-in-burst-statistics-plugin/
• Microsoft Exchange OWA Zero-Day Under Active Exploitation: https://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498
• Critical Cisco Catalyst SD-WAN Controller Auth Bypass Under Attack: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW
• ChromaDB Pre-Auth RCE Allows AI Vector Database Server Takeover: https://www.hiddenlayer.com/research/chromatoast-served-pre-auth
• Shai-Hulud Worm Source Code Released on GitHub: https://www.ox.security/blog/shai-hulud-open-source-malware-github/
• node-ipc npm Package Compromised via Expired Maintainer Domain: https://www.bleepingcomputer.com/news/security/popular-node-ipc-npm-package-compromised-to-steal-credentials/

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.

This week in Wordfence Security News (Week of May 11, 2026):

• Active mass exploitation of an information disclosure vulnerability in Gravity SMTP exposes API keys and mail service credentials, with the Wordfence firewall blocking nearly 788,000 exploit attempts across more than 77,000 unique WordPress sites
• A critical authentication bypass in cPanel and WHM is now under active exploitation, allowing unauthenticated attackers to gain administrative access and potentially compromising every WordPress site on a shared host
• Suspected state-sponsored attackers exploit a Palo Alto PAN-OS zero-day buffer overflow in the User ID Authentication Portal, achieving root code execution on PA series and VM series firewalls and pivoting via high-availability failover
• The Shai-Hulud supply chain worm returns as attackers hijack TanStack's GitHub Actions release pipeline, publishing over 170 malicious packages across NPM and PyPI with valid signatures and provenance attestations
• Google's Threat Intelligence group identifies the first zero-day exploit believed to have been developed with AI assistance, targeting a two-factor authentication bypass in an unnamed open source web administration tool
• A Linux kernel privilege escalation vulnerability called Dirty Frag becomes public after its coordinated disclosure embargo collapses, with Microsoft Defender reporting limited in-the-wild exploitation for root escalation after SSH access

Timestamps:

0:00 Introduction
0:33 Gravity SMTP Information Disclosure Exploitation
3:19 cPanel and WHM Authentication Bypass
4:22 Palo Alto PAN-OS Zero-Day
5:56 Shai-Hulud Supply Chain Worm Hits TanStack
7:09 Google Identifies First AI-Assisted Zero-Day
8:24 Dirty Frag Linux Kernel Privilege Escalation

Story Links:

• Gravity SMTP Exploited at Scale: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/gravitysmtp/gravity-smtp-214-unauthenticated-sensitive-information-exposure-via-rest-api
• PAN-OS zero-day: https://security.paloaltonetworks.com/CVE-2026-0300
• Mini Shai-Hulud worm: https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
• Google GTIG AI zero-day: https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access
• DirtyFrag Linux LPE: https://github.com/V4bel/dirtyfrag

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.

This week in Wordfence Security News (Week of Apr 27, 2026):

• A critical unauthenticated arbitrary file upload vulnerability in BreezeCache, a caching plugin with over 400,000 active installations, went from disclosure to mass exploitation in under 24 hours with over 22,000 exploit attempts blocked across nearly 5,000 sites
• Attackers published a malicious version of the Bitwarden CLI package on NPM that harvested credentials from six different sources including SSH keys, cloud secret stores, and AI assistant configs during a 93-minute window before removal
• The Bitwarden supply chain attack connects to a broader campaign targeting Checkmarx, with Team PCP claiming responsibility and links to the Shai-Hulud self-propagating NPM worm from 2025
• Home security giant ADT confirmed a data breach after ShinyHunters listed the company on its leak site, with Have I Been Pwned tracking 5.5 million unique email addresses tied to the breach
• ShinyHunters used a voice phishing attack to compromise an ADT employee's Okta SSO account and pivot to Salesforce, highlighting why phishing-resistant MFA like FIDO2 or WebAuthn is critical over SMS or TOTP
• A 12-year-old privilege escalation vulnerability dubbed Pack2TheRoot in PackageKit lets any local unprivileged user install arbitrary packages as root, affecting Ubuntu, Debian, Fedora, and Rocky Linux since 2014

Timestamps:

0:00 Introduction
0:34 BreezeCache Critical File Upload Vulnerability and Mass Exploitation
3:50 Bitwarden CLI Supply Chain Attack via NPM
6:25 ADT Data Breach by ShinyHunters
7:49 Why Phishing-Resistant MFA Matters
8:54 PackageKit Privilege Escalation Vulnerability

Story Links:

• Breeze Cache — Active Exploitation (CVE-2026-3844): https://www.wordfence.com/threat-intel/vulnerabilities/id/e342b1c0-6e7f-4e2c-8a52-018df12c12a0
• Bitwarden CLI Compromised in Checkmarx Supply Chain Attack: https://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html
• SharePoint Patching Laggards — CVE-2026-32201: https://www.bleepingcomputer.com/news/security/over-1-300-microsoft-sharepoint-servers-vulnerable-to-ongoing-attacks/
• ADT Confirmed in ShinyHunters Breach: https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/
• Pack2TheRoot — 12-Year-Old PackageKit Privilege Escalation (CVE-2026-41651): https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.

This week in Wordfence Security News (Week of Apr 13, 2026):

• Over 30 WordPress plugins purchased on the Flippa marketplace were turned into backdoors that sat dormant for eight months before activating to inject SEO spam into wp-config.php, visible only to Googlebot
• Smart Slider 3 Pro's update infrastructure was compromised, pushing a weaponized build through the official update channel for approximately six hours before being caught
• Microsoft's second-largest Patch Tuesday ever fixes roughly 165 vulnerabilities including a SharePoint spoofing zero-day already under active exploitation and a Defender privilege escalation zero-day linked to the BlueHammer public exploit
• Adobe released an emergency patch for an Acrobat Reader zero-day exploited in the wild since late 2025, discovered via malicious Russian-language PDFs about gas supply disruptions
• ShinyHunters extortion group listed Rockstar Games on its leak site after stealing authentication tokens from cloud analytics platform Anadot and accessing Rockstar's connected Snowflake data warehouse
• A critical pre-authentication remote code execution flaw in Marimo, an open-source Python notebook platform, was exploited within 10 hours of its advisory being published with no public proof of concept

Timestamps:

0:00 Introduction
0:26 Supply Chain Attack on 30+ Essential Plugin WordPress Plugins
2:08 Smart Slider 3 Pro Update Infrastructure Compromised
2:55 Kali Forms and Ninja Forms File Upload Exploitation Updates
3:21 Microsoft Patch Tuesday with SharePoint and Defender Zero-Days
5:31 Adobe Acrobat Reader Zero-Day Emergency Patch
6:26 ShinyHunters Breach of Rockstar Games via Anadot Tokens
7:16 Marimo RCE Exploited Within 10 Hours of Disclosure

Story Links:

• 30+ Plugins Backdoored After Flippa Acquisition: https://anchor.host/someone-bought-30-wordpress-plugins-and-planted-a-backdoor-in-all-of-them/
• Smart Slider 3 Pro — Supply Chain Compromise: https://smartslider.helpscoutdocs.com/article/2144-wordpress-security-advisory-smart-slider-3-pro-3-5-1-35-compromise
• Kali Forms exploitation update: https://www.wordfence.com/blog/2026/04/attackers-actively-exploiting-critical-vulnerability-in-kali-forms-plugin/
• Ninja Forms File Upload exploitation update: https://www.wordfence.com/blog/2026/04/50000-wordpress-sites-affected-by-arbitrary-file-upload-vulnerability-in-ninja-forms-file-upload-wordpress-plugin/
• April Patch Tuesday — SharePoint Zero-Day Exploited: https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2026-patch-tuesday-fixes-167-flaws-2-zero-days/
• BlueHammer — Defender Zero-Day: https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2026-patch-tuesday-fixes-167-flaws-2-zero-days/
• Adobe Reader Zero-Day — Exploited Since Late 2025: https://helpx.adobe.com/security/products/acrobat/apsb26-43.html
• Rockstar Games Breach via Third-Party Analytics: https://www.bleepingcomputer.com/news/security/stolen-rockstar-games-analytics-data-leaked-by-extortion-gang/
• Marimo RCE — Exploited in Under 10 Hours: https://www.sysdig.com/blog/marimo-oss-python-notebook-rce-from-disclosure-to-exploitation-in-under-10-hours

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.

This week in Wordfence Security News (Week of Apr 6, 2026):

• An arbitrary file upload vulnerability in Ninja Forms File Upload puts 50,000+ WordPress sites at risk
• A Fortinet zero-day actively exploited in the wild
• A CERT-EU report reveals a European Commission cloud breach tied to a Trivy supply chain attack — with Cisco source code stolen in the fallout
• Anthropic announces Project Glasswing
• Germany doxes "UNKN," the head of the REvil and GandCrab ransomware gangs

Story Links:

• Ninja Forms File Upload Vulnerability: https://www.wordfence.com/blog/2026/04/50000-wordpress-sites-affected-by-arbitrary-file-upload-vulnerability-in-ninja-forms-file-upload-wordpress-plugin/
• Fortinet Advisory: https://fortiguard.fortinet.com/psirt/FG-IR-26-099
• CERT-EU Report: https://cert.europa.eu/blog/european-commission-cloud-breach-trivy-supply-chain
• Cisco / Trivy Fallout: https://www.bleepingcomputer.com/news/security/cisco-source-code-stolen-in-trivy-linked-dev-environment-breach/
• Anthropic Glasswing Announcement: https://www.anthropic.com/
• Krebs on Security (REvil): https://krebsonsecurity.com/2026/04/germany-doxes-unkn-head-of-ru-ransomware-gangs-revil-gandcrab/

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.

This week in Wordfence Security News (Week of Mar 30, 2026): 

• Over 200,000 WordPress sites at risk from an unauthenticated arbitrary file move vulnerability in the MW WP Form plugin, allowing full site takeover
• Massive spike in exploitation attempts targeting the Kali Forms RCE vulnerability, with activity increasing over 60x week-over-week
• A major supply chain attack compromises the widely used Axios JavaScript library, distributing backdoored versions to developers worldwide Active exploitation of a critical Citrix NetScaler vulnerability enabling session hijacking and potential full appliance compromise
• European Commission confirms a cloud breach with data theft claims by ShinyHunters
• Cisco internal development environment breached via poisoned Trivy supply chain attack, exposing source code and credentials

Timestamps:

0:00 Introduction
0:30 MW WP Form Vulnerability
1:15 Kali Forms Exploitation Surge
1:55 Axios Supply Chain Attack
3:20 Citrix NetScaler Active Exploitation
4:57 European Commission Breach
5:50 Cisco Dev Environment Breach
6:47 Wrap up discussion

Story Links:

• MW WP Form Vulnerability
• Kali Forms Exploitation Update
• Axios Supply Chain Attack (Wiz)
• Citrix NetScaler Advisory
• European Commission Breach (Bloomberg)
• Cisco / Trivy Supply Chain Attack

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.  

This week in Wordfence Security News (Week of Mar 23, 2026): 

• Same-day exploitation of a critical RCE vulnerability in the Kali Forms plugin, attackers can achieve full admin takeover with a single request
• Ongoing mass exploitation of the s2Member plugin targeting password reset functionality
• Breaking News: Iran-linked hackers claim breach of FBI Director Kash Patel’s personal email
• A critical Cisco firewall management vulnerability exploited as a zero-day by ransomware actors
• FBI and CISA warn of phishing campaigns targeting messaging app accounts

Timestamps:

0:00 Introduction
0:25 Kali Forms RCE Vulnerability
1:34 s2Member Mass Exploitation
2:20 Breaking News – FBI Email Breach
2:45 Cisco Firewall RCE Exploitation
5:03 Messaging App Phishing Campaigns

Story Links:

• Kali Forms RCE Vulnerability: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/kali-forms/kali-forms-249-unauthenticated-remote-code-execution-via-form-process
• s2Member Exploitation Campaign: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/s2member/s2member-260127-unauthenticated-privilege-escalation-via-account-takeover
• Cisco Firewall Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
• Interlock Ransomware Coverage: https://www.ic3.gov/PSA/2026/PSA260320
• Reuters – FBI Email Breach: https://www.reuters.com/world/us/iran-linked-hackers-claim-breach-of-fbi-directors-personal-email-doj-official-2026-03-27/

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.  

This week in Wordfence Security News (Week of Mar 9, 2026): 

• A critical auth bypass in Tutor LMS Pro exposes 30,000+ WordPress sites — attackers can hijack admin accounts via a Google sign-in flaw
• An unauthenticated SQL injection in Ally (400K+ sites)
• Microsoft Patch Tuesday with ~80 fixes including AI-related exploits
• A max-severity Cisco SD-WAN zero-day exploited since 2023
• Iran-linked group Handala's claimed attack on medical device maker Stryker.

Timestamps:

0:00 Introduction
0:22 Tutor LMS Pro Authentication Bypass
1:31 Ally WordPress Plugin SQL Injection
1:50 Microsoft Patch Tuesday
2:46 Cisco SD-WAN Zero-Day
4:26 Handala Attack on Stryker
5:03 Iranian Drone Strikes on AWS Data Centers

Story Links:

• Tutor LMS Pro Auth Bypass: https://www.wordfence.com/blog/2026/03/30000-wordpress-sites-affected-by-authentication-bypass-vulnerability-in-tutor-lms-pro-wordpress-plugin/
• Ally Plugin SQL Injection: https://www.wordfence.com/blog/2026/03/400000-wordpress-sites-affected-by-unauthenticated-sql-injection-vulnerability-in-ally-wordpress-plugin/
• Microsoft Patch Tuesday: https://msrc.microsoft.com/update-guide/
• Cisco SD-WAN Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v
• Iran Cyber Retaliation: https://industrialcyber.co/reports/cyber-retaliation-surges-after-us-israel-strikes-on-iran-as-hacktivists-hit-governments-defense-critical-sectors/
• Stryker Cyberattack (WSJ): https://www.wsj.com/articles/stryker-hit-with-suspected-iran-linked-cyberattack-52f6615c
• AWS Data Centers Struck (BBC): https://www.bbc.com/news/articles/cgk28nj0lrjo
• Weekly Vulnerability Report: https://www.wordfence.com/blog/2026/03/wordfence-intelligence-weekly-wordpress-vulnerability-report-march-2-2026-to-march-8-2026/

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.