Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access,
Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the « mu-plugins » directory in WordPress sites to grant threat actors persistent access and allow them to perform arbitrary actions.
Must-use plugins (aka mu-plugins) are special plugins that are automatically activated on all WordPress sites in the installation. They are located in the « wp-content/mu-plugins »
Must-use plugins (aka mu-plugins) are special plugins that are automatically activated on all WordPress sites in the installation. They are located in the « wp-content/mu-plugins »
,
Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the « mu-plugins » directory in WordPress sites to grant threat actors persistent access and allow them to perform arbitrary actions.
Must-use plugins (aka mu-plugins) are special plugins that are automatically activated on all WordPress sites in the installation. They are located in the « wp-content/mu-plugins »
Must-use plugins (aka mu-plugins) are special plugins that are automatically activated on all WordPress sites in the installation. They are located in the « wp-content/mu-plugins »
, ,
https://thehackernews.com/2025/07/hackers-deploy-stealth-backdoor-in.html