A sophisticated WordPress malware campaign has been discovered operating through the rarely monitored mu-plugins directory, giving attackers persistent access to compromised websites while evading traditional security measures. The malicious code, identified as wp-index.php, exploits WordPress’s “must-use plugins” functionality to maintain continuous operation without the possibility of deactivation through the admin panel. The backdoor employs advanced […]
The post Stealthy Backdoor in WordPress Plugins Gives Attackers Persistent Access to Websites appeared first on Cyber Security News.
This article has been indexed from Cyber Security News
Read the original article: