Outdated Duplicator Plugin RCE Abused
We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file.
These cases are all linked to the same vulnerable software: WordPress Duplicator Plugin.