Researchers with Zscaler warn that threat actors are increasingly trying to take advantage of flaws in the immensely popular content management systems (CMSs) WordPress and Joomla in order to get legitimate websites to target users with malicious payloads.
In the past month, the researchers detected thousands of attacks, hundreds of which enabled hackers to compromise a website. The most common payloads used in the attacks were Shade ransomware, phishing links, coinminers, adware, and malicious redirectors.
Read more: Hundreds of compromised WordPress and Joomla websites are serving up malware to visitors