Summary
Hackers are compromising WordPress sites to inject malicious scripts. These scripts can either steal cryptocurrency from visitors’ wallets or hijack their browsers to launch brute-force attacks against other websites. The hackers are likely building a larger pool of compromised sites to launch more extensive attacks in the future.
Kissaki@feddit.de 10 months ago
It’s absurd that XMLRPC is still not disabled by default.