Phony WordPress Domain Steals Cookies to Fool Web Admins (Security Intelligence)


All that’s missing is an “e,” but a fake WordPress site could fool website admins into letting it take over browser sessions and steal information, researchers warned. A new report first revealed that a fraudulent application program interface (API) domain, called WordPrssAPI, was attempting to steal active cookies to impersonate users, including website admins.