WordPress websites are being hacked to hijack your browser — and then attack other sites

0
6

Cybercriminals are using compromised WordPress websites to form a huge army for credential stuffing attacks, experts have warned.

A report from cybersecurity researchers Sucuri spotted the campaign, and believe they know what its goal is – namely looking for vulnerable sites from the website builder, where they can install a small script in the HTML templates. That script forces the website visitor’s computer to visit a different WordPress website (in the background, unbeknownst to the victim) and try to log in using different username and password combinations.

LEAVE A REPLY

Please enter your comment!
Please enter your name here