Skimming | Breaking Cybersecurity News | The Hacker News

Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a  Magecart campaign  targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake WordPress plugins it contains some deceptive information at the top of the file to give it a veneer of legitimacy," security researcher Ben Martin  said . "In this case, comments claim the code to be 'WordPress Cache Addons.'" Malicious plugins typically find their way to WordPress sites via either a  compromised admin user  or the  exploitation of security flaws  in another plugin already installed on the site. Post installation, the plugin replicates itself to the  mu-plugins  (or must-use plugins) directory so that it's automatically enabled and conceals its presence from the admin panel. "Since the only way to...