Kyle Knight
Puja Srivastava
Marc KranatBackdoors: The Hidden Threat Lurking in Your Website
Website backdoors are a silent yet deadly threat to website security. These stealthy mechanisms bypass standard authentication, providing attackers with persistent, unauthorized access to a…
Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem
While investigating a compromised WordPress site, we discovered a malware infection causing Japanese spam links to appear in Google search results. Although the site had…
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection
Recently, we released an article where a credit card skimmer was targeting checkout pages on a Magento site. Now we’ve come across sophisticated credit card…
Vulnerability & Patch Roundup — December 2024
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Vulnerability & Patch Roundup — November 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Malicious Script Injection on WordPress Sites
Recently, our team discovered a JavaScript-based malware affecting WordPress sites, primarily targeting those using the Hello Elementor theme. This type of malware is commonly embedded…
Credit Card Skimmer Malware Targeting Magento Checkout Pages
Magento websites are a frequent target for cybercriminals due to their widespread usage in eCommerce and the valuable customer data they handle. During a routine…
Simple Include Statement Hides Casino Spam
Kayleigh Martin Just as there are countless types of websites on the internet, there are just as many attackers seeking to exploit them. These attackers develop malicious…
PHP Reinfector and Backdoor Malware Target WordPress Sites
We recently observed a surge in WordPress websites being infected by a sophisticated PHP reinfector and backdoor malware. While we initially believed that the infection…
Malware Steals Account Credentials
Matt Morrow It’s common for malware to target e-commerce sites, and these attackers are usually seeking to steal credit card details. In most cases, they will insert…
2024 Credit Card Theft Season Arrives
Ben Martin The holiday shopping season is just around the corner, and it’s the time of year the eCommerce website owners need to be most on their…