Malware Bytes reports of a non-trivial uptick in compromised WordPress sites.
During the past few days, our crawlers have been catching a larger-than-usual number of WordPress sites being hijacked. One of the most visible client-side payloads we see are redirections to tech support scam pages. Digging deeper, we found that this is part of a series of attacks that have compromised thousands of WordPress sites since early September. … The sites that are affected are running the WordPress CMS and often using outdated plugins.
Keeping WordPress up-to-date is essential, as is running a good security plugin. We recommend Wordfence. If you need help locking down your WordPress installation or keeping it up-to-date, contact us. We offer monitoring and updates services for as little as $35 per month.