Fake jQuery files infect WordPress sites with malware

Security researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware.

These files are named jquery-migrate.js and jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are in fact malicious.

As of today, over 7.2 million websites use the jQuery Migrate plugin, which explains why attackers would disguise their malware under this popular plugin’s name.

Researchers spot fake jQuery files which are malware

This week security…


More Info

About mblog.my

Check Also

New Prototype Runs WordPress in the Browser with No PHP Server – WP Tavern

Automattic-sponsored core contributor Adam Zielinski published a demo today of WordPress running in the browser …

Leave a Reply

Your email address will not be published. Required fields are marked *