Website Security News
If you are still using Timthumb after the serious vulnerability that was found on it last year, you have one more reason to be concerned. A new zeroday was just disclosed on TimThumb’s “Webshot” feature that allows for certain commands to be executed on the…
Read More about TimThumb WebShot Code Execution Exploit (Zeroday)
We are seeing a lot of noise again regarding the Uploadify script vulnerabilities affecting some WordPress themes/plugins. If you are not familiar, Uploadify allows anyone to upload anything they want…
Read More about Uploadify, Uploadify and Uploadify – The New TimThumb?
We have been tracking TimThumb related attacks for a while and they are still at full force (yes, some people are still using the outdated versions and getting compromised). Just…
Read More about List of Domains Hosting Webshells for Timthumb Attacks
If you use WordPress you’re probably aware of the mass infection caused by a vulnerability in the timthumb.php script, a photo manipulation script included in many themes and plugins. Sites…
Read More about Timthumb.php Mass Infection – Aftermath – Part I
If your site got compromised lately with the TimThumb.php vulnerability, make sure to check that script to see if it was not modified to act as a backdoor as well….
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating that script as soon as possible. Sites that didn’t update it are getting compromised…
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating the script as soon as possible. Sites that didn’t update it are getting compromised…
Read More about TimThumb.php attacks – Now using googlesafebrowsing dot com
Many people are asking us about this “counter-wordpress.com” type of malware, so we will post some details here. Our scanner has been identifying it for a while, so if you…
Read More about Mass Infection of WordPress Sites Due to TimThumb ( counter-wordpress dot com )
We are seeing large scale attacks against the vulnerable timthumb.php script in the wild. Thousands of sites are getting compromised and if you have it in your WordPress site, you…
Read More about Attacks Against Timthumb.php in the Wild – List of Themes and Plugins Being Scanned
The Timthumb.php vulnerability is being used in the wild to hack and infect thousands of WordPress sites. Hopefully everyone is checking their themes and updating the script to make sure…
Read More about TimThumb.php Vulnerability Not Only Affecting Themes – Plugins too
We are seeing a large number of WordPress sites compromised with a malicious JavaScript loading from superpuperdomain.com/count.php. That JavaScript redirects visitors that were going to the WordPress site to fake…
Read More about WordPress Sites Hacked with Superpuperdomain dot com (Attacking Timthumb.php)