Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin.The plugin, which goes by the name “WP-antymalwary-bot.php,” comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code.”Pinging functionality that can report back to a command-and-control (C&C) server
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/05/fake-security-plugin-on-wordpress.html
