Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin.
The plugin, which goes by the name « WP-antymalwary-bot.php, » comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code.
« Pinging functionality that can report back to a command-and-control (C&C) server
