Keylogger injection campaign covered 2000 WordPress-sites

The experts found that after the closure of the malicious website cloudflare [.] Solutions, with which hackers downloaded the cryptomayer Coinhive and later Keylogger on hacked WordPress sites, hackers registered three new domain names.
According to PublicWWW, at the moment, ...

At the end of November 2017,Security specialists discovered a new malware Wp-Vcd
Wp-Vcd attacks sites running WordPress. The malware uses known vulnerabilities in plug-ins or CMS for attacks and they mask themselves as a legitimate WordPress files. If the attack ...

The backdoor was contained in the fake X-WP-SPAM-SHIELD-PRO plugin
An unknown hacker introduced a backdoor into the source code of the WordPress plugin that masquerades as an anti-spam tool called X-WP-SPAM-SHIELD-PRO.

Apparently, the attacker tried to use the reputation of a ...