Hackers are on the lookout for WordPress and Joomla sites sporting a loaded jQuery JavaScript library so that they can replace the standard jQuery.min.js file with a new jQuery.min.php. The new malicious PHP file then watches the site’s incoming traffic and randomly selects a victim whom it redirects to another website under the attacker’s control, where ads are usually displayed to users. This allows the thieves to steal the site’s legitimate traffic, either coming via search engines or paid advertising campaigns. Continue reading this story here.