WordPress Vulnerability & Patch Roundup October 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Rogue Ads Redirect Visitors
Ads are everywhere. They generate revenue for site owners and can present related content to the website being visited. As detailed in previous articles, bad…
Indonesian Gambling Redirect Hiding in Plain Sight
Many pieces of malware found over the years have been complex and difficult to find. Attackers often obfuscate their code to make it harder to…
Fake “Fix It” Pop-Ups Target WordPress Sites via Malicious Plugin to Download Trojan
In our recent investigation, we discovered a new malware campaign targeting WordPress sites through a fake plugin, universal-popup-plugin-v133, which delivers deceptive browser fix pop-ups. This…
WooCommerce Security Essentials for Store Owners
Running a WooCommerce store is awesome for your business – it opens up a whole world of opportunities. But let’s be honest, it also comes…
Unraveling Authentication and Authorization in Web Security
Authentication and authorization – they sound alike, often get used interchangeably, and are absolutely crucial for web application security. But let’s be real, getting them…
WordPress Vulnerability & Patch Roundup September 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
How to Know if Your Website Is Hacked
Whether you manage a gaming blog, an e-commerce platform, or an enterprise-level website you probably want to be able to detect infections when they occur.…
7 Steps to Remove Malware from WordPress
If you’ve ever had your website compromised by malware, you know the sheer panic it can cause. But don’t worry, you’re not alone. More importantly…
Woo Skimmer Uses Style Tags and Image Extension to Steal Card Details
This post starts the same way many others do on this blog, and it will be familiar to those who keep up with website security:…
SiteCheck Remote Website Scanner — Mid-Year 2024 Report
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote website scanners may not…