Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Fake WordPress Caching Plugin Used to Steal Admin Credentials
Malware and Vulnerabilities
June 05, 2025
sucuri
A malicious WordPress plugin named wp-runtime-cache has been discovered masquerading as a caching plugin to steal admin credentials. The plugin is hidden from the admin panel and lacks author and URL metadata.
Read More
WordPress malware
Fake Plugin
wp-runtime-cache
Credential Theft
Base64 Obfuscation
Publisher
Previous
New Malware Attack Uses Malicious Chrome & Edge Extensi ...
Malware and Vulnerabilities
Next
Stored XSS Vulnerability in Description Field of CubeCa ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_127762841.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/f546_shutterstock_2142204069.jpg)
