Malware Uses Fake WordPress API Domain to Steal Sensitive Cookies
Security researchers from Sucuri have found hacked WordPress sites that were altered to secretly siphon off cookies for user and admin accounts to a rogue domain imitating the WordPress API. The attacker was sending stolen cookies to code.wordprssapi[.]com, a domain that was imitating a non-existent WordPress service. Sucuri’s Cesar Anjos says he found this malware […]