This morning I received a WPMU Blog Post reporting that the popular plugin SI Captcha has been permanently removed from the WordPress(.org) Plugin Repository. Why? Ironically, the new plugin owner & developer (since June 2017) embedded the plugin with spam code!
If you are a site owner or a fellow designer/developer, check your installed plugin list and deactivate/remove the SI Captcha plugin from your site.
Source: WPMU Dev via WP Tavern
What next? What can replace SI Captcha?
There are lots of great options, fortunately. Are you trying to protect a form? Are you trying to protect comments?
I use Gravity Forms on my own and client websites, and I secure my forms with Google ReCaptcha. It’s easy to obtain the public and private keys by following links in the plugin.
Replace SI Captcha with another plugin. Options include but are not limited to:
https://wordpress.org/plugins/wp-spamshield/
https://wordpress.org/plugins/captcha/