VulnHub

Real-time Cybersecurity News

Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp

BleepingComputer
Actively Exploited
PhishingMalwareBotnet

Overview

International law enforcement has successfully taken action against the SocGholish botnet, which is linked to the notorious Russian cybercrime group Evil Corp. They cleaned nearly 15,000 WordPress websites infected with malware and dismantled over 100 servers used in these attacks. This operation is significant as SocGholish is known for distributing malware that targets users through fake software updates and phishing tactics. The cleanup effort not only helps to secure the affected websites but also disrupts the operations of a well-established cybercrime group, which could reduce the risk of future attacks on unsuspecting users. The impact of this operation highlights the ongoing battle against cybercrime and the importance of maintaining secure online environments.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: WordPress websites, malware distribution platforms
  • Action Required: Site owners are encouraged to update their WordPress installations, apply security patches, and regularly scan for malware to prevent infections.
  • Timeline: Ongoing since recent months

Original Article Summary

International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian cybercrime group. [...]

Impact

WordPress websites, malware distribution platforms

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Ongoing since recent months

Remediation

Site owners are encouraged to update their WordPress installations, apply security patches, and regularly scan for malware to prevent infections.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Phishing, Malware, Botnet.

Read Original Article

Related Coverage

Accenture shells out $4.18B on three companies in big industrial cybersecurity push

CyberScoop

Accenture has made a significant move in the cybersecurity sector by investing $4.18 billion to acquire a majority stake in Dragos, along with the companies runZero and NetRise. This marks Accenture's first major entry into operational technology software at a time when threats to critical infrastructure are on the rise, particularly those driven by artificial intelligence. The acquisitions aim to bolster Accenture's capabilities in protecting industrial systems from cyberattacks, which are becoming increasingly sophisticated. As organizations rely more on connected technologies, ensuring the security of these systems is crucial for preventing potential disruptions. This strategic investment highlights the growing emphasis on safeguarding operational technology in various industries.

Jun 18, 2026

Fake GitHub Stars and AI Videos Mask a Crypto Clipper

Infosecurity Magazine

Researchers have discovered a new Rust-based crypto clipper that uses fake GitHub stars and AI-generated YouTube videos to attract victims. This malware secretly steals cryptocurrency by intercepting clipboard data, making it particularly dangerous for users engaging in crypto transactions. The clipper disguises itself as a legitimate tool, misleading users into downloading it. This incident is concerning as it highlights how attackers are increasingly using social engineering tactics to gain trust and spread malware. Users are advised to be cautious about the tools they download and to verify sources before installation.

Jun 18, 2026

ICO Cautions Healthcare Worker After Princess of Wales Incident

Infosecurity Magazine

A healthcare worker has been cautioned by the Information Commissioner's Office (ICO) after attempting to sell the medical records of the Princess of Wales. The incident occurred at a hospital where the insider tried to profit from sensitive information regarding the royal's health. Although the ICO decided not to pursue criminal charges, the case raises significant concerns about data privacy and the protection of personal health information in the healthcare sector. This event underscores the continuous need for stringent data protection measures, especially in environments that handle sensitive information. The potential for misuse of such data could undermine public trust in healthcare systems.

Jun 18, 2026

ShapedPlugin update flow hacked to infect WordPress sites

BleepingComputer

A supply chain attack has targeted multiple WordPress plugins from ShapedPlugin, leading to the distribution of compromised updates to paying customers through the vendor's official update mechanism. This breach allowed attackers to inject malicious code into the plugins, potentially affecting numerous WordPress sites that rely on these tools. Users of affected plugins may face serious security risks, including unauthorized access and data breaches. The situation is alarming as it underscores the vulnerability of software supply chains, where attackers can exploit trusted sources to distribute malware. Website owners using these plugins should take immediate precautions, including checking for updates and reviewing security practices to mitigate any potential damage.

Jun 18, 2026

Cybercriminals Are Worried About AI Taking Their Jobs Too

Infosecurity Magazine

A recent analysis by Sophos reveals that cybercriminals are expressing concerns about artificial intelligence potentially taking over their roles in the hacking community. Discussions on underground forums indicate that some hackers fear AI could automate certain tasks, making their skills less valuable. This shift could lead to increased competition and challenges in the underground economy, as AI tools become more accessible. The implications of this trend could affect the strategies that hackers employ, as they may need to adapt to remain relevant. Understanding this dynamic is crucial for cybersecurity professionals who monitor criminal activities online and develop defenses against evolving threats.

Jun 18, 2026

Apple fixes Beats Studio Buds flaw that let hackers spy on conversations

BleepingComputer

Apple has addressed a significant security vulnerability in its Beats Studio Buds wireless earbuds that could have allowed hackers within Bluetooth range to eavesdrop on conversations. This flaw posed a risk to users, as it could potentially compromise their privacy during sensitive discussions. Apple has rolled out security updates to fix this issue, emphasizing the importance of keeping devices up to date with the latest software. Users of Beats Studio Buds should ensure they apply these updates promptly to protect against potential unauthorized access. This incident serves as a reminder of the vulnerabilities that can exist in everyday technology and the need for manufacturers to prioritize user security.

Jun 18, 2026