Website Security News
Earlier this year, we noticed an increase in attacks aiming at ThinkPHP, which is a PHP framework that is very popular in Asia. If you keep track of your site’s activity, the following log may look familiar: POST: /index.php?s=captcha HTTP/1.1 Data: _method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=uname&ipconfig In December 2018,…
As part of our regular research audits for our Sucuri Firewall, we discovered an SQL injection vulnerability affecting 40,000+ users of the Advanced Contact Form 7 DB WordPress plugin. Current…
The WordPress plugin repository team may “close” plugins and restrict downloads when they become aware of a security issue that the developer cannot fix quickly. However, bad actors are actively…
As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist plugin for WordPress. This plugin allows visitors and…
Read More about SQLi Vulnerability in YITH WooCommerce Wishlist
Update 11/3/2017: We are always looking for the latest to be shared with you and now we have released our WordPress Security Guide, were you can read all about vulnerabilities…
Read More about SQL Injection Vulnerability in WP Statistics
We regularly find and write about malware that steals credit card details from Magento sites because attackers discover new techniques to obtain sensitive data daily. This time, the malicious code…
Read More about Magento Credit Card Stealer for Braintree Extension
