06 May 2022 at 13:36 UTC
Updated: 06 May 2022 at 13:43 UTC
Attackers pounce before site owners can activate the installation wizard
Attackers are abusing the Certificate Transparency (CT) system to compromise new WordPress sites in the typically brief window of time before the content management system (CMS) has been configured and therefore secured.
CT is a web security standard for monitoring and auditing TLS (aka SSL) certificates, which are issued by certificate authorities…