Magento Skimmer Found Loading from magecart[.]net
Luke Leal We recently came across a simple Magento credit card skimmer found on a compromised website that was loading from the malicious domain magecart[.]net. The malicious…
Browsing Category
Sucuri Labs
336 posts
Clean Logs After Rooting Bash Script
During an active research investigation, we found an interesting bash script described by the author as Clean Logs After Rooting. This script is used once…
Plugins added to Malware Campaign: November 2019
John Castro This is an update for the long-lasting malware campaign targeting vulnerable plugins since January. Please check our previous updates below: Multi-Vector Attack in Server Logs:…
Wrong content-type to XSS
WordPress Social Sharing Plugin – Sassy Social Share, which currently has over 100000 installations just fixed a Cross Site Scripting Vulnerability. This bug allows attackers…
Plugins added to Malware Campaign: October 2019
This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Size for Opera: Hiding Spammy Links
Denis Sinegubko There are many different tricks hackers use to make injected spam links invisible to regular visitors. Below is an example employed by one link spam…
Sucuri_encrypted: Magento Malware
In an effort to make malicious code appear to be credible, hackers commonly piggyback on the names of reputable, well-known companies and services. Typical examples…
Plugins added to Malware Campaign: September 2019
This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Plugins Under Attack: August 2019
This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Unauthenticated settings update in woocommerce-ajax-filters
woocommerce-ajax-filters, which currently has over 10,000 installations (versions <=1.3.6) allows unauthenticated attackers to arbitrarily update all the plugin options and redirect any user to an…
Lack of controls when using WordPress’ update_option() with user input data equals plugin nightmare
As mentioned in recent posts, WordPress’ update_option() function is used to update any option in the options database table. If the permission flow when using…