Balada Injector Targets Unpatched tagDiv Plugin, Themes on WordPress Sites
The Balada Injector gang is actively exploiting vulnerabilities in tagDiv premium themes, such as the recently disclosed Unauthenticated Stored XSS vulnerability, to inject malware into websites.