Stealthy WordPress Malware Uncovered: Multi-Stage RAT Injects via Header.php, Hides Traces