Over 5,000 WordPress websites are hosting a malicious script that creates an unauthorized admin account and downloads a harmful plugin, which steals sensitive data and exfiltrates it to a remote server, according to security researcher Himanshu Anand. To combat these attacks, he recommends blocking certain domains, auditing admin accounts, removing suspicious plugins, implementing multi-factor authentication, and strengthening CSRF protections.

Who’s driving ransomware’s accelerated growth in 2025
The article examines the tactics used by the Internet Advertising Bureau (IAB), their connections to ransomware groups, and the services they provide.