Cybercriminals Abusing an Abandoned WordPress Plugin for Malicious Code Injection

Threat actors found a new method to inject malicious code into websites. They are now using an abandoned WordPress plugin, Eval PHP. The plugin is still available in the WordPress plugins repository and had approximately 4,000 malicious installations per day this month. The Abandoned Plugin Eval PHP enables site administrators to embed PHP code in […]

The post Cybercriminals Abusing an Abandoned WordPress Plugin for Malicious Code Injection appeared first on Heimdal Security Blog.