Fake WordPress Security Advisory Used to Deploy Malware and Backdoor

A fake WordPress advisory is making the rounds, trying to convince administrators that the WordPress security team contacts them and that they really need to install something. That something is, of course, malware. When the security team from WordPress contacts you directly, you’d think it must be serious. No one wants a vulnerability in their website, so website administrators might jump at the opportunity to get ahead and fix any security issue. The problem is that they will create a securi