EPISODE · Apr 3, 2026 · 7 MIN
MW WP Form 200K Sites at Risk | Axios Hack | Cisco Breach | Wordfence Security News | March 30, 2026
from Wordfence Security News · host Wordfence
This week in Wordfence Security News (Week of Mar 30, 2026): Over 200,000 WordPress sites at risk from an unauthenticated arbitrary file move vulnerability in the MW WP Form plugin, allowing full site takeoverMassive spike in exploitation attempts targeting the Kali Forms RCE vulnerability, with activity increasing over 60x week-over-weekA major supply chain attack compromises the widely used Axios JavaScript library, distributing backdoored versions to developers worldwide Active exploitation of a critical Citrix NetScaler vulnerability enabling session hijacking and potential full appliance compromiseEuropean Commission confirms a cloud breach with data theft claims by ShinyHuntersCisco internal development environment breached via poisoned Trivy supply chain attack, exposing source code and credentialsTimestamps:0:00 Introduction0:30 MW WP Form Vulnerability1:15 Kali Forms Exploitation Surge1:55 Axios Supply Chain Attack3:20 Citrix NetScaler Active Exploitation4:57 European Commission Breach5:50 Cisco Dev Environment Breach6:47 Wrap up discussionStory Links:MW WP Form VulnerabilityKali Forms Exploitation UpdateAxios Supply Chain Attack (Wiz)Citrix NetScaler AdvisoryEuropean Commission Breach (Bloomberg)Cisco / Trivy Supply Chain AttackStay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.
What this episode covers
This week in Wordfence Security News (Week of Mar 30, 2026): Over 200,000 WordPress sites at risk from an unauthenticated arbitrary file move vulnerability in the MW WP Form plugin, allowing full site takeoverMassive spike in exploitation attempts targeting the Kali Forms RCE vulnerability, with activity increasing over 60x week-over-weekA major supply chain attack compromises the widely used Axios JavaScript library, distributing backdoored versions to developers worldwide Active exploitation of a critical Citrix NetScaler vulnerability enabling session hijacking and potential full appliance compromiseEuropean Commission confirms a cloud breach with data theft claims by ShinyHuntersCisco internal development environment breached via poisoned Trivy supply chain attack, exposing source code and credentialsTimestamps:0:00 Introduction0:30 MW WP Form Vulnerability1:15 Kali Forms Exploitation Surge1:55 Axios Supply Chain Attack3:20 Citrix NetScaler Active Exploitation4:57 European Commission Breach5:50 Cisco Dev Environment Breach6:47 Wrap up discussionStory Links:MW WP Form VulnerabilityKali Forms Exploitation UpdateAxios Supply Chain Attack (Wiz)Citrix NetScaler AdvisoryEuropean Commission Breach (Bloomberg)Cisco / Trivy Supply Chain AttackStay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.
NOW PLAYING
MW WP Form 200K Sites at Risk | Axios Hack | Cisco Breach | Wordfence Security News | March 30, 2026
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.