The Hacker News

Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers

Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name "WP-antymalwary-bot.php," comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code. "Pinging functionality that can report back to a command-and-control (C&C) server

May 1, 2025 - 17:09
 0
Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers
Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name "WP-antymalwary-bot.php," comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code. "Pinging functionality that can report back to a command-and-control (C&C) server
Read More

Tags:

Previous Article

Google Password manager is a favourite amongst TechRadar Pro readers - what’s yo...

Next Article

The Films and Shows You Should Be Streaming in May 2025

Related Posts

⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More

⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM ...

Apr 21, 2025  0

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers

Storm-1977 Hits Education Clouds with AzureChecker, Dep...

Apr 27, 2025  0

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix...

Apr 24, 2025  0