Malware Disables Wordfence Security Plugin & Forges Timestamps
A malicious PHP file is used to take down Wordfence plugin before it adjusts its own mtime timestamp.
Plugin Killer: WordPress Malware Disables Security Plugins
A malicious PHP file that was disabling common WordPress security plugins before injecting SEO spam onto the infected website.