<ul><li>A special directory in WordPress, called mu-plugins, has been abused by threat actors to host malicious code.</li><li>The malicious code in mu-plugins allows threat actors to execute arbitrary code, redirect visitors to malicious websites, and display spam and ads.</li><li>Sucuri researchers found three variants of malicious code in mu-plugins, including redirect.php, index.php, and custom-js-loader.php.</li><li>To mitigate the risk, website admins should conduct regular security checks, scan for malicious files, update plugins and themes, and monitor file integrity.</li></ul>

A key WordPress feature has been hijacked to show malicious code, spam images

Discover more