May 22025 Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers Backdoor plugin hijacks WordPress sites with admin access, stealth reinfection, and JS ad fraud—active since Jan 2025.
