Ben Martin
Browsing Category
WordPress Security
636 posts
WordPress ClickFix Malware Causes Google Warnings and Infected Computers
Since December of last year there has been a new fake Google reCAPTCHA campaign making its way through the WordPress world. Very similar to malware…
When Spam Hides In Plain Sight
Matt Morrow We recently worked on an interesting case where Casino spam was visible in the page source, but couldn’t be located in any of the usual…
Hidden Backdoors Uncovered in WordPress Malware Investigation
Puja Srivastava At Sucuri, we often encounter cases where malware is deeply embedded in websites, hidden in files and scripts that can easily escape detection. In this…
Vulnerability & Patch Roundup — January 2025
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Malware Redirects WordPress Traffic to Harmful Sites
Recently, a customer approached us after noticing their website was redirecting visitors to a suspicious URL. They suspected their site had been compromised and sought…
Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem
While investigating a compromised WordPress site, we discovered a malware infection causing Japanese spam links to appear in Google search results. Although the site had…
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection
Recently, we released an article where a credit card skimmer was targeting checkout pages on a Magento site. Now we’ve come across sophisticated credit card…
Vulnerability & Patch Roundup — December 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Vulnerability & Patch Roundup — November 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Malicious Script Injection on WordPress Sites
Recently, our team discovered a JavaScript-based malware affecting WordPress sites, primarily targeting those using the Hello Elementor theme. This type of malware is commonly embedded…
Simple Include Statement Hides Casino Spam
Kayleigh Martin Just as there are countless types of websites on the internet, there are just as many attackers seeking to exploit them. These attackers develop malicious…