JoomDonation Compromised
Daniel Cid We are receiving reports from many users of the popular JoomDonation platform that they received a very scary email from someone that supposedly hacked into…
Browsing Category
Security Advisory
209 posts
Security Advisory – High severity – WP-Statistics WordPress Plugin
Marc-Alexandre Montpas If you’re using the WP-Statistics WordPress plugin on your website, now is the time to update. While doing a routine audit for our Website Firewall…
Security Advisory – Medium Severity – WP eCommerce WordPress Plugin
Mickael Nadeau If you’re using the popular WP eCommerce WordPress plugin (2,900,000 downloads), you should update it right away. During a routine audit for our Website Firewall…
Highly Critical SQL Injection Vulnerability Patched in Drupal Core
The Drupal team just released a security update for Drupal 7.x to address a highly critical SQL injection vulnerability. This bug can be exploited remotely…
Security Advisory – Hikashop Extension for Joomla!
In a routine audit of our Website Firewall we discovered a serious vulnerability within the Hikashop ecommerce product for Joomla! allowing remote code execution on…
Security Advisory – VirtueMart Extension for Joomla!
If you’re using the popular VirtueMart Joomla! extension (more than 3,500,000 downloads), you should update right away. During a routine audit for our Website Firewall (WAF)…
Security Advisory – Akeeba Backup for Joomla!
We have also released a more recent post exploring this vulnerability further: The Details Behind the Akeeba Backup Vulnerability If you’re a user of the…
WordPress Plugin Alert – LoginWall Imposter Exposed
Rafael Capovilla When you work with malware for a while, you start to become very good at pattern recognition. A couple sites in every hundred cleaned might…
Patching The Heartbleed OpenSSL Vulnerability
Security Researchers have discovered a very serious vulnerability in the OpenSSL library that is used to power HTTPS on most websites. Many news sources are…
JCE Joomla Extension Attacks in the Wild
Our friends from SpiderLabs, issued a warning today on their blog about increased activity on their honeypots looking to exploit the old JCE (Joomla Content…
vBulletin.com Compromised
The vBulletin team recently announced that they suffered a compromise which allowed the attackers access to vbulletin.com servers and database. On their own words: We…