WordPress is the most popular CMS on the planet, and being the most popular also makes it a target for attacks. According to Pagely, a large managed hosting system for WordPress websites, there are two primary types of malware attacks aimed at WordPress.
The first type, injections, happens when your website is injected with code like links or advertisements that go to another website. Like the infographic says below, this code that is injected is usually hidden from normal view but still visible to search engines. As you can imagine, this could destroy your websites SEO and get you punished by Google.
The second type, back doors, are a method of bypassing normal authentication by illegally gaining remote access to a server, website files, and so on. This can obviously become a huge problem and could destroy your website.
The best thing you can do to prevent attacks or hackers is to secure your information, use a reliable hosting service, and be sure to back up your website regularly. Put a password on your wifi and make sure your passwords are strong and not easy for someone to guess. Check out the infographic below for some more great info and best practices to help keep your WordPress website secure.