We recently came across a simple Magento credit card skimmer found on a compromised website that was loading from the malicious domain magecart[.]net. The malicious…
During an active research investigation, we found an interesting bash script described by the author as Clean Logs After Rooting. This script is used once…
Our team recently came across a password changer for WordPress that allows attackers to modify WordPress user passwords within a compromised environment. By default, the…
This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days,…
In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to…
This is an update for the long-lasting malware campaign targeting vulnerable plugins since January. Please check our previous updates below: Multi-Vector Attack in Server Logs:…
WordPress Social Sharing Plugin – Sassy Social Share, which currently has over 100000 installations just fixed a Cross Site Scripting Vulnerability. This bug allows attackers…