Thousands of WordPress websites hit in new malware attack, here's what we know

When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.

After creating the account, the script will download a malicious WordPress plugin, and run it.

The plugin, which wasnt named, is tasked with exfiltrating sensitive data to a remote server.

The data being pulled includes admin credentials and operation statuses, it was added.

So far, we haven’t identified a common denominator, and our investigation is ongoing, Anand said.

Ultimately, they recommend using c/sides services, too.

Being the most popularwebsite builderon the planet, WordPress is constantly being targeted by threat actors.