New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3
Puja Srivastava In January, my colleague reported about a new Balada Injector campaign found exploiting a recent vulnerability in the widely-used Popup Builder WordPress plugin which was…
Browsing Category
Website Malware Infections
854 posts
From Web3 Drainer to Distributed WordPress Brute Force Attack
Denis Sinegubko Two weeks ago we discussed a new development in website hacks: Web3 crypto wallet drainers. We’ve been closely following the most significant variant which injects…
New Wave of SocGholish Infections Impersonates WordPress Plugins
Ben Martin SocGholish malware, otherwise known as “fake browser updates”, is one of the most common types of malware infections that we see on hacked websites. This…
Web3 Crypto Malware: Angel Drainer Overview, Variants & Stats
Since January 2024, there has been a notable surge in attacks by a novel form of website malware targeting Web3 and cryptocurrency assets. This malware,…
Remote Access Trojan (RAT): Types, Mitigation & Removal
Remote Access Trojans (RATs) are a serious threat capable of giving attackers control over infected systems. This malware stealthily enters systems (often disguised as legitimate…
New Guide: How to Protect Your Website from Phishing
Rianna MacLeod There are many threats that can harm your website and your users, but one of the most dangerous is phishing. Phishing is a method used…
Detecting & Mitigating an Office 365 Phishing Threat: “Greatness”
Krasimir Konov Emerging in 2022, a phishing tool known as Greatness has caught the attention of our research team due to its coordinated efforts to breach Microsoft…
The Dangers of Lateral Movement & Website Cross Contamination
One of the most frequent problems that we observe in website hosting environments is “cross contamination” — the lateral movement of an attacker between websites.…
How to Fix Google Ads Disapproved Due to Malicious or Unwanted Software
Were your Google Ads just disapproved after a website compromise? Or, are you seeing policy violations for malicious or unwanted software in your Google Ads…
Thousands of Sites with Popup Builder Compromised by Balada Injector
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was…
MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer
One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus…