Hackers are actively exploiting zero-days in several WordPress plugins
WordPress is, by far, the most widely used website building technology on the internet. According to the most recent statistics, more than 35% of all internet websites run on versions of the WordPress CMS (content management system).
Due to its huge number of active installations, WordPress is a massive attack surface. Attempts to hack into WordPress sites are like a constant hum in the background of all internet traffic, going on at any given time.
Over the past few months, this hum of WordPress hacking attempts has been at lower levels, compared to what we saw last year. After a busy 2019, 2020 started on a quiet note. The reason for this downtime could be the winter holidays, which, as we've seen in previous years, often results in a global slowdown in malware and hacking activities, as hackers, also take a break.