Security News > 2021 > March > Fake jQuery files infect WordPress sites with malware

Fake jQuery files infect WordPress sites with malware
2021-03-31 11:55

Security researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware.

Js and present at the exact locations where JavaScript files are normally present on WordPress sites but are in fact malicious.

Researchers spot fake jQuery files which are malware.

This week security researchers Denis Sinegubko and Adrian Stoian spotted counterfeit jQuery files impersonating the jQuery Migrate plugin on dozens of websites.

Wp-includes/js/jquery/ on these websites, which is the directory where WordPress keeps jQuery files.

If your website uses WordPress or popular JavaScript plugins such as jQuery Migrate, it is a good idea to regularly perform thorough security audits and check for anomalies that may indicate signs of malicious activity.


News URL

https://www.bleepingcomputer.com/news/security/fake-jquery-files-infect-wordpress-sites-with-malware/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 7 2 95 44 18 159
Jquery 1 0 8 1 0 9