Researchers Uncover Malicious WordPress Plugin Enabling Persistent Website Attacks
In order to enable attackers to remain on websites, evade detection, and run remote code, cybersecurity researchers have discovered a malicious WordPr
In order to enable attackers to remain on websites, evade detection, and run remote code, cybersecurity researchers have discovered a malicious WordPress plugin masquerading as a security utility. Since its initial discovery in January 2025, the malware, known as WPantimalwarebot.php, has developed new variations. It inserts dangerous PHP code into theme headers, modifies cache plugins, and gives administrator access. If removed, the malware will reinstall itself thanks to a rogue wpcron.php file. Additionally, more recent iterations insert JavaScript advertisements from stolen domains, which may indicate click fraud or malvertising. To reduce dangers, security professionals suggest updating WordPress installations, keeping an eye on site activity, and deleting the plugin.
Read More..
B2B Tech News | 18 days ago