Fake Wp.org/jquery.js
Denis Sinegubko There is a long-lasting malware campaign (dating back to at least 2016) that injects fake jQuery scripts: <script type=”text/javascript” src=”hxxps://www.XX[X]wp[.]org/jquery.js”></script> Where XX[X] are 2 or…
Browsing Category
Website Malware Infections
858 posts
Backdoor Uses Paste Site to Host Payload
Bruno Zanelato Finding backdoors is one of the biggest challenges of a website security analyst, as backdoors are designed to be hidden in case the malware is found…
Multi-Vector WordPress Infection from Examhome
This September, we’ve been seeing a massive infection wave that injects malicious JavaScript code into .js, .php files and the WordPress database.> The script looks…
Outdated Duplicator Plugin RCE Abused
Peter Gramantik We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file. These cases are all linked…
Unsuccessfully Defaced Websites
Luke Leal Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages…
“Google Fonts” popup leads to malware
A recent malware injection in a client\’s WordPress file was found to be targeting website visitors that were using the Google Chrome browser to access…
How to Improve Your Website Security Posture – Part II
AJ Syed Ali In the first post of this series, we discussed some of the main website security threats. Knowing the website security environment is a vital part…
Fake Font Dropper
Moe O Every day we see different website infections. When we receive unusual or interesting cases, our researcher instincts are triggered to investigate the unusual website behavior…
Fake Plugins with Popuplink.js Redirect to Scam Sites
Since July, we’ve been observing a massive WordPress infection that is responsible for unwanted redirects to scam and ad sites. This infection involves the tiny.cc…
How to Improve Your Website Security Posture – Part I
Have you ever wondered if your website security posture is adequate enough? The risk of having a website compromise is never going to be zero.…
Fake Cloudflare Injection
Fioravante Souza Seeing malicious campaigns using domain names that resemble big market players is not news anymore. This time I\’ll talk about the new redirects of cloudflare.pw.****…