Website Security News
Learn about the latest malware campaigns actively infecting websites, including malware removal and protection steps. Stay up to date with the latest infections against websites including CMS platforms like WordPress, Drupal, Magento, and Joomla. Read our posts about the most recent website hacks analyzed by our research and incident response teams.
Your website’s search results and rankings are vital to the success of your online business. Better search visibility equates to more traffic — which results in more opportunities to convert leads into customers. And while it may be tempting to game search engine algorithms to…
Attackers are always looking for new ways to conceal their malware and evade detection, whether it’s through new forms of obfuscation, concatenation, or — in this case — unorthodox use…
Did you just try to access your site and encounter a Deceptive Site Ahead warning? This error message occurs when the browser believes your website is unsafe and experiencing security…
Read More about How to Fix the “Deceptive Site Ahead” Warning
Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often related to redirecting legitimate website…
Read More about Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network
Weebly is an easy-to-use website builder that allows admins to quickly create and publish responsive blogs and sites. Website builder environments are usually considered to be very safe and not…
Read More about How To Find & Remove Malware on Weebly Sites
A recent infection has been making its rounds across vulnerable WordPress sites, detected on over 160 websites so far at the time of writing. The infection is injected at the…
Read More about Fake jQuery Domain Redirects Site Visitors to Scam Pages
Written in PHP and JavaScript, FreePBX is a web-based open-source GUI that manages Asterisk, a voice over IP and telephony server. This open-source software allows users to build customer phone…
Read More about Backdoor Targets FreePBX Asterisk Management Portal
Attackers are always finding unique ways to avoid detection. Our teams regularly find malware on compromised websites which have been obfuscated to make it more difficult for webmasters to detect…
Read More about How to Fix & Remove the “Click Allow If You Are Not a Robot” Redirect
Since 2018, our team has been tracking an interesting type of website infection where the <title> tag of a hacked website is changed to Chinese text — changes which are…
Read More about Chinese Gambling Spam Targets World Cup Keywords
On November 15th, Ben Martin reported a new type of WordPress infection resulting in the injection of SocGholish scripts into web pages. The attack loads zipped malicious templates from WordPress…
Readers of this blog should already be familiar with SocGholish: a widespread, years-long malware campaign aimed at pushing fake browser updates to unsuspecting web users. Once installed, fake browser updates…
Read More about New SocGholish Malware Variant Uses Zip Compression & Evasive Techniques
