Global CyberSecurity

Fake WordPress Caching Plugin Used to Steal Admin Credentials

OTCBy
0
Post Views: 56

Published on 06/04/2025 – Last Updated on 06/05/2025 by OTC

A common trend we see is that bad actors will upload malicious plugins to WordPress sites. These plugins serve a wide variety of functions from injecting spam to redirecting sites to other malicious content. In this article we will examine a more dangerous method where plugins can be used to steal admin credentials.

Identifying the malware

During a routine malware scan we noticed a plugin labeled wp-runtime-cache in the wp-content/plugins directory.

Continue reading Fake WordPress Caching Plugin Used to Steal Admin Credentials at Sucuri Blog.

Day 3 at IDET 2025 Live Combat Demo Showcases Czech Army and Exhibitor Defense Products

Previous article

White Papers Are Not Dead and Still Essential for B2B Marketers

Next article

You may also like

Comments

Comments are closed.

More in Global CyberSecurity