Fake Browser Updates Targeting WordPress Administrators via Malicious Plugin

Description

A malicious WordPress plugin named 'Modern Recent Posts' has been discovered, targeting administrators with fake browser update pop-ups. The plugin injects malicious JavaScript from an external domain, only affecting logged-in administrators on Windows machines. The campaign uses social engineering tactics to trick users into downloading potential malware. The plugin includes persistence mechanisms and can self-update. This sophisticated attack demonstrates a focused approach on high-value targets, leveraging trust in security updates to compromise local machines. The malware's stealthy nature and targeted delivery system make it particularly dangerous for WordPress site owners.