WordPress Sites Hacked with Fake Cloudflare DDoS Alerts. WordPress sites are being hacked to display fake alerts for Cloudflare DDoS protection to install malware, according to a report from Sucuri. The hack displays a button that pretends to be a tool to bypass DDoS verification but actually downloads the NetSupport RAT and the RaccoonStealer password-stealing trojans. Source: Cipher Daily Brief, BleepingComputer, Sucuri.
I have added additional security to my laptop, a second-tier (“primary”) password for accessing my blogsite and other logins, and an additional 7-digit verification code.
Refer all cybersecurity questions or issues to WordPress.com.