Fake License.txt File Loaded Through PHP Include
Luke Leal Our team recently found a malicious injection located within a PHP include. The redirect occurs via the include function, which includes a file inconspicuously named…
Browsing Category
Sucuri Labs
336 posts
Face Mask Spam Links Injected in WordPress Database
During a recent malware removal request, we found a compromised WordPress site being used to redirect to spam websites. The campaign was leveraging an increase…
Vulnerabilities Digest: March 2020
John Castro Fixed Plugins and Vulnerabilities Plugin Vulnerability Patched Version Installs Cookiebot Reflected Cross-Site Scripting 3.6.1 40000 Data Tables Generator By Supsystic Authenticated Stored XSS 1.9.92 30000…
Tiny WSO Webshell Loader
A PHP webshell is a common tool found on compromised environments. Attackers use webshells as backdoors, allowing them to maintain unauthorized access to a hacked…
Reflected XSS in Cookiebot Administrative Page
Antony Garand A reflected XSS vulnerability has recently been found in the Cookiebot plugin plugin, impacting a user base of over 40k installs. Versions prior to 3.6.1…
Extract Function Backdoor Variant
We recently found malware on a client’s WordPress site that was using a variant of a backdoor that we previously covered back in 2014. The…
Reflected XSS in Advanced Ads Admin Dashboard
A patch for a vulnerability in the Advanced Ads plugin has been released. Prior to version 1.17.4, attackers were able to exploit two reflected XSS…
Innocent Defacement
Cesar Anjos When we talk about defacements, we’re usually referring to attacks leading to a visual takeover of a website’s page ― consider it a form of…
Phishing and Malware via SMS Text Message
Krasimir Konov We’ve recently noticed an increase in reports of phishing and malware being distributed via SMS text messages. During one investigation, we identified fake messages sent…
Vulnerabilities Digest: February 2020
Fixed Plugins and Vulnerabilities Plugin Vulnerability Patched Version Installs Duplicator Arbitrary File Download 1.3.28 1000000 Modula Image Gallery Authenticated Stored XSS 2.2.5 70000 Easy Property…
Skimmer Plugin Hides Itself From wp-admin
Our analyst Moe O recently discovered an interesting Javascript injection that was stealing submitted payment data from visitors on a WordPress website with a Woocommerce…