Actually, they are spreading in the wild, sort of.
There is a parallel universe, where people called "webmasters" upload websites to a hosting account with ftp. They use outdated php cms systems, their home directory is writable by the user/grourp that runs the webserver. They dont use version control and cant tell when a js file is injected with malicious code.
They all get injected with js malware every day. There is malware that targets cmses specifically and injects code in the cms libraries or config files directly.
There is a parallel universe, where people called "webmasters" upload websites to a hosting account with ftp. They use outdated php cms systems, their home directory is writable by the user/grourp that runs the webserver. They dont use version control and cant tell when a js file is injected with malicious code. They all get injected with js malware every day. There is malware that targets cmses specifically and injects code in the cms libraries or config files directly.