Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Hackers exploit WordPress sites by silently injecting malicious PHP code

(Justin Morgan / Unsplash)

By Mayura Kathir

Cybercriminals have ramped up attacks on WordPress websites by stealthily modifying theme files to serve unauthorized third-party scripts.

This campaign leverages subtle PHP injections in the active theme’s functions.php to fetch external code, effectively turning compromised sites into silent distributors of malicious ads and malware.

The breach came to light when the site owner noticed unfamiliar JavaScript being executed on their pages.

Read more at GB Hackers

Click to listen highlighted text!