Website Malware Infections- Website Security News

What Is a Keylogger?

Rianna MacLeod
May 23, 2023

Vulnerability in Essential Addons for Elementor Leads to Mass Infection

May 18, 2023

Websites Defaced with Belarusian Bottled Water Company Content

Ben Martin
May 16, 2023

It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with…

Xjquery Wave of WordPress SocGholish Injections

Denis Sinegubko
May 9, 2023

In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish…

What is Steganography? How Hackers Hide Malware On Websites

What is Steganography? (Or, How Hackers Hide Malware On Websites)

Rianna MacLeod
May 2, 2023

As a child, I loved sending secret messages to my friends using invisible ink. A quick squeeze of lemon juice was all I needed to…

Massive Abuse of EvalPHP WordPress Plugin

Massive Abuse of Abandoned Eval PHP WordPress Plugin

Ben Martin
April 19, 2023

Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of…

Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign

Denis Sinegubko
April 6, 2023

Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…

Hacked Website Threat Report – 2022

Rianna MacLeod
April 5, 2023

Education is crucial in defending your website against emerging threats. That’s why we are thrilled to share our 2022 Website Threat Research Report. Disseminating this…

How to find & Fix the WordPress Pharma Hack

How to Find & Fix: WordPress Pharma Hack

Rianna MacLeod
March 14, 2023

Finding bogus content and unexpected links for prescription drugs on your WordPress website can be a frustrating experience. But don’t blame your site: it just…

What is a Website Defacement?

Rianna MacLeod
March 7, 2023

Defacement is easily one the most obvious signs of a hacked website. In these attacks, bad actors gain unauthorized access to an environment and leave…

Magbo Spam Injection Encoded with hex2bin

Ben Martin
March 3, 2023

We recently had a new client come to us with a rather peculiar issue on their WordPress website: They were receiving unwanted popup advertisements but…

Is my website hacked? 13 signs and symptoms of a compromised site.

Is My Site Hacked? (13 Signs)

Rianna MacLeod
February 23, 2023

Symptoms of a hack can vary wildly. A concerning security alert from Google, a browser warning when you visit your site, or even a notice…

Attackers Abuse Cron Jobs to Reinfect Websites

Ben Martin
February 21, 2023

Malicious cron jobs are nothing new; we’ve seen attackers use them quite frequently to reinfect websites. However, in recent months we’ve noticed a distinctive new…