Ninjamailer.php

: Change passwords for your CMS, FTP, and hosting control panel immediately.

: Move it to a secure location outside your public directory for analysis, or delete it if you are certain it is unauthorized. ninjamailer.php

: It is frequently flagged as a "mailer" used by threat groups (such as those involved in "Operation Armor Piercer") to automate the delivery of maldocs and archives. : Change passwords for your CMS, FTP, and

: It is designed to mass-send emails, often bypassing standard server restrictions to facilitate phishing or malware proliferation. : Change passwords for your CMS

: Check your server logs to see when the file was uploaded and from what IP address.

If you found ninjamailer.php in your site's directory and did not put it there: