Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

New WordPress malware masquerades as plugin

(Image by Werner Moser from Pixabay)

By Alessandro Mascellino

A dangerous malware variant disguised as a legitimate WordPress plugin has been uncovered by security researchers.

The malware, named “WP-antymalwary-bot.php,” gives attackers persistent access to infected websites, injects malicious code and can serve remote advertisements to site visitors.

Discovered by the Wordfence Threat Intelligence team during a routine site cleanup on January 22 2025, the malware mimics the structure of a genuine plugin, complete with standard formatting and metadata.

Read more at Infosecurity Magazine

Click to listen highlighted text!