A sophisticated malware campaign is targeting WordPress administrators, using a deceptive caching plugin to steal login details and compromise website security. The malware, which poses as a plugin called “wp-runtime-cache”, specifically targets admin users and sends authentication data to external servers controlled by cybercriminals. The malware can hide itself from the WordPress plugins list, thereby evading detection, and implements role-based targeting to steal admin and editor-level credentials. The information is sent to a potentially fraudulent domain. User protection measures include regular security audits, 2FA or IP restrictions, and regularly updating admin passwords.
Assuring patient trust in a connected world
Enterprise Taxonomy includes key areas like Cybersecurity, Privacy, EHR, Data and Information, and Core Technologies. The settings indicate that this content should not be included
