Fake WordPress security alerts are being used to send malware

If you are a WordPress site admin, be wary of incoming emails – one could be a phishing message looking to infect your site with malicious plugins.

This is the warning given out by WordPress security experts Wordfence and PatchStack, which have found WordPress site admins receiving emails impersonating the legitimate wordpress.com site.