Quote:Malicious code redirects users to tech support scams, some of which use new "evil cursor" Chrome bug.

Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes.
All compromises seem to follow a similar pattern --to load malicious code from a known threat actor-- although the entry vector for all these incidents appears to be different.

Researchers believe intruders are gaining access to these sites not by exploiting flaws in the WordPress CMS itself, but vulnerabilities in outdated themes and plugins.
When they gain access to a site, they plant a backdoor for future access and make modifications to the site's code.