Website Security Archives

Massive JavaScript Injection Campaign Redirects to Ads

Massive WordPress JavaScript Injection Campaign Redirects to Ads

Krasimir Konov
May 11, 2022

Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam…

Read the Post

Examining Emerging Malware: Website Backdoors

Ben Martin
May 10, 2022

Next up in our “This didn’t quite make it into the 2021 Threat Report, but is still really cool” series: New and emerging backdoor variants…

Read the Post

Manually Identifying an X-Cart Credit Card Skimmer

Liam Smith
May 5, 2022

During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page.…

Read the Post

WooCommerce Credit Card Stealer Concealed in Fake JPG

WooCommerce Credit Card Skimmers Concealed In Fake Images

Matt Morrow
May 3, 2022

Our research and remediation teams have noticed an increase in WooCommerce credit card skimmers on client sites over the past few years, as detailed in…

Read the Post

Hacked Website Threat Report 2021

Ben Martin
April 28, 2022

Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put…

Read the Post

WordPress Vulnerabilities & Patch Roundup — April 2022

Antony Garand
April 26, 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…

Read the Post

Keeping Up With PHP Updates

Ashley Sand
April 21, 2022

Staying on top of critical security risks and vulnerabilities is imperative for the safety of your website. Some of the types of threats impacting our client…

Read the Post

Poodle and Doodle, FUD and the Sucuri WAF

Marc Kranat
April 19, 2022

On any given day, Sucuri sees thousands of clients go through the PCI compliance process. The requirements outlined by the Payment Card Industry Data Security…

Read the Post

The Case for 2FA by Default for WordPress

Ben Martin
April 8, 2022

Administrator panel compromises are one of the most common attacks that everyday WordPress website admins face. We work with thousands of clients who have encountered…

Read the Post

WordPress Overtakes Magento in Credit Card Skimmers

Ben Martin
April 4, 2022

One of the most important monitoring tools in our security platform is our Sucuri SiteCheck scanner. It’s a free tool to scan your website for…

Read the Post

WordPress Popunder Malware Redirects to Scam Sites

Ben Martin
April 1, 2022

Over the last year we’ve seen an ongoing malware infection which redirects website visitors to scam sites. So far this year our monitoring has detected…

Read the Post