WordPress plugins gone rogue – compromised plugins creating rogue administrator accounts
A recent malvertising campaign targeting vulnerable plugins is now trying to backdoor sites by creating rogue admin accounts. Back in July when the campaign was first noticed it was attempting to hijack sites to push popup ads, tech support scams, and malicious Android apps. Plugins targeted in July included vulnerable versions of Coming Soon Page & Maintenance Mode, which followed attacks in...
Read More