Fake WordPress Caching Plugin Used to Steal Admin Credentials

A common trend we see is that bad actors will upload malicious plugins to WordPress sites. These plugins serve a wide variety of functions from injecting spam to redirecting sites to other malicious content. In this article we will examine a more dangerous method where plugins can be used to steal admin credentials.

Identifying the malware

During a routine malware scan we noticed a plugin labeled wp-runtime-cache in the wp-content/plugins directory.

Continue reading Fake WordPress Caching Plugin Used to Steal Admin Credentials at Sucuri Blog.

Story added 4. June 2025, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

Fake WordPress Caching Plugin Used to Steal Admin Credentials

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts