Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

/in

Threat actors are using the “mu-plugins” directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites.
mu-plugins, short for must-use plugins, refers to plugins in a special directory (“wp-content/mu-plugins”) that are automatically executed by WordPress without the need to enable them explicitly via the

The Hacker News – ​Read More

Qakbot Resurfaces in Fresh Wave of ClickFix AttacksQakbot Resurfaces in Fresh Wave of ClickFix AttacksThreat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory