Heimdal Security researchers say hundreds of WordPress sites have been compromised. The attacks are using an unidentified vulnerability with obfuscated JavaScript. Two of 66 security products on VirusTotal detect the threat as of last night. The attackers are using the Nuclear Exploit Kit, a potent collection of exploits for Adobe products. The Nuclear EK has been dropping the dangerous Cryptowall ransonmware, as recently as late November, researchers say. The same group believed to be behind both attacks, but cannot confirm that.
Source: https://threatpost.com/wordpress-infections-leading-to-teslacrypt-ransomware/116149/