Thousands of WordPress sites targeted with malicious plugin backdoor attacks

Security researchers found JavaScript code installing four backdoors to WP-powered sites They also found a vulnerable plugin ...
Bleeping Computer

WordPress plugin disguised as a security tool injects backdoor

A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. According to Wordfence researchers, the malware ...
Bleeping Computer

Fake jQuery files infect WordPress sites with malware

Security researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named ...
Searchenginejournal.com

WordPress Scraper Plugin Compromised By Security Vulnerability

A WordPress plugin that automatically posts content scraped from other websites has been discovered to contain a critical vulnerability that allows anyone to upload malicious files to affected ...
TechRadar

WordPress sites targeted by malicious plugin disguised as security tool

Wordfence researchers uncover a new piece of WordPress malware Threat actors used AI to create legitimate-looking tools The malware pretends to be an anti-malware product Security researchers have ...
Infosecurity-magazine.com

Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards

A newly discovered malware campaign with highly sophisticated capabilities, including credit card skimming, credential theft and user profiling, has been identified by cybersecurity researchers.