Security News > 2025 > April > WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a "critical patch" but deploy a backdoor instead. WordPress security company Patchstack described the activity as sophisticated and a variant of another campaign observed in December 2023 that employed a fake CVE ploy to breach sites running

News URL

https://thehackernews.com/2025/04/woocommerce-users-targeted-by-fake.html