Backdoor Lurks Behind WordPress Caching Plugin to Hijack Websites
Evasive malware disguised as a caching plugin allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.