Avast, a cybersecurity company,y has warned both Joomla users of a new type of attack, which injects fake jQuery script into the header of the website. This type of script changes one line of code to allow the hacked website to point to a malicious script.
Avast stated that the amount of websites hacked using this method is “abnormally high” and has resulted in about 4.5 million users attacked. Visitors of the websites will not notice the code, unless they are looking at the source code because the script is put before the closing tag.
Attacks on Popular CMS Joomla and WordPress Undetectable by Visitors