Blog | G5 Cyber Security

Update on jQuery.com Compromises

This attack was aimed at defacing our sites, and did not inject malware like the attack that was reported on September 18th by RiskIQ. The only people who have a user account for the WordPress sites affected by these attacks are members of the jQuery team; we do not have any public user registration for any sort of account on any of the affected sites. We are taking steps to re-secure our servers, upgrade dependencies, and address vulnerabilities. We have moved http://jquery.com to a new server only running code we trust.”]

Source: https://blog.jquery.com/2014/09/24/update-on-jquery-com-compromises/

Exit mobile version