Analysis of a Malicious WordPress Plugin: The Covert Redirector
Puja Srivastava A few weeks ago, we received a support request from a website owner who was experiencing unexpected redirects. Visitors landed on the website normally, but…
Browsing Category
Security Advisory
234 posts
Fake WordPress Caching Plugin Used to Steal Admin Credentials
Matt Morrow A common trend we see is that bad actors will upload malicious plugins to WordPress sites. These plugins serve a wide variety of functions from…
Vulnerability & Patch Roundup — May 2025
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Fake Java Update Popup Found in Malicious WordPress Plugin
We recently assisted a customer who reported a persistent and concerning “Java Update” pop-up appearing on their WordPress website. This type of deceptive notification is…
Fake Google Meet Page Tricks Users into Running PowerShell Malware
Last month, a customer reached out to us after noticing suspicious URLs on their WordPress site. Visitors reported being prompted to perform unusual actions. We…
Another Fake Cloudflare Verification Targets WordPress Sites
Kayleigh Martin A new Cloudflare infection has once again been targeting WordPress sites. This new iteration of malware mimics a legitimate-looking Cloudflare verification page, which then tricks…
Vulnerability & Patch Roundup — April 2025
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Fake GIF Leveraged in Multi-Stage Reverse-Proxy Card Skimming Attack
Ben Martin In today’s post we’re going to review a sophisticated, multi-stage carding attack on a Magento eCommerce website. This malware leveraged a fake gif image file,…
When Good Software Goes Bad
Most often bad actors try their best to hide their activities by using obfuscated code or by uploading fake plugins or themes that inject simple…
Ad-Jacked: Cybercriminals Inject Google Adsense into WordPress
Recently, we’ve encountered cases where WordPress websites were impacted by Google Adsense hijackers. Attackers inject advertisements and scripts that steal website resources and pump ad…
Fake Font Domain Used to Skim Credit Card Data
Recently, a client of ours came to us concerned about credit card theft on their WordPress site. The client’s users reported that their credit card…