W3 Total Cache WordPress plugin vulnerable to PHP command injection

WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.
The Hacker News

âš¡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More

Fortinet CVE exploited, China-linked AI attacks exposed, PhaaS platform dismantled, and fake crypto apps deploy RATs. Catch this week’s top threats.