WooCommerce admins targeted by fake security patches that hijack sites

A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a “critical patch” that adds a WordPress backdoor to the site. […]