4. Hosting Provider Detects Widespread WordPress Attack
Earlier this month, hosting provider CloudFlare reported that it identified a wide-scale attack targeting WordPress installations to build a large botnet. The cybercriminals behind the campaign used a brute-force attack with an automated tool to break into account credentials and gain access to thousands of WordPress administrator accounts. Once infiltrated by attackers, the WordPress sites can be used to conduct DDoS attacks, distribute malware via drive-by downloads or conduct phishing attacks.