Last week, an ongoing WordPress malware campaign started a new wave which included a variety of experimental injection types.

Scripts as Data URLs

The first type looks pretty similar to what we discussed in our recent post.

However, instead of placing the code between the … tags, these injections have begun to embed them inline using a so called data URL notation in the src parameter.

Continue reading Data URLs and HTML Entities in New WordPress Malware at Sucuri Blog.

Via Sucuri.net