Hi all,
I got 2 phplist installations on 2 different servers among other domains/installations of various software not related with phplist.
I got hacked on those 2 installations of phplist only, nothing else in any other domain/software.
All files including under config/ where edited and removed all content and instead of the proper source code they added a redirect to an external site.
I’m trying to find a way to track down how on earth that happened and can’t really find anything helpful in logs etc.
I’m running the latest version of phplist on both versions and there is no folder with 777 permissions.
Any help is very much appreciated.