Security News Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers TheHackerNews Daniel Bender May 1, 2025 Backdoor plugin hijacks WordPress sites with admin access, stealth reinfection, and JS ad fraud—active since Jan 2025.
