Cybersecurity analysts have issued a stark warning to WordPress site owners after uncovering a sophisticated fake caching plugin, dubbed wp-runtime-cache, that silently exfiltrates admin credentials.
The malicious plugin, discovered during a routine malware scan, exploits WordPress’s plugin architecture and cleverly masks its presence, making detection...