Fake Java Update Popup Found in Malicious WordPress Plugin
We recently assisted a customer who reported a persistent and concerning “Java Update” pop-up appearing on their WordPress website. This type of deceptive notification is a common tactic used by attackers to compromise website visitors. Our investigation revealed a malicious plugin operating stealthily within their WordPress environment.
What Did We Find?
A plugin installed in the /wp-content/plugins/contact-form/ directory, posed as “Yoast SEO”, complete with fake metadata to mislead site owners. However, it served a completely different purpose.
Continue reading Fake Java Update Popup Found in Malicious WordPress Plugin at Sucuri Blog.
Read more: Fake Java Update Popup Found in Malicious WordPress Plugin
Story added 28. May 2025, content source with full text you can find at link above.