Website Security News
Read articles related to WordPress security, including the latest WordPress vulnerabilities disclosured in popular plugins and themes. Learn about emerging website malware infections that could impact WordPress, industry reports, and best practices to secure your WordPress websites. If your website has been hacked, check out our guide to clean hacked WordPress sites.
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important…
Read More about WordPress Vulnerability & Patch Roundup September 2022
When attackers shift up their campaigns, change their payload or exfiltration domains, and put some extra effort into hiding their malware it’s usually a telltale sign that they are making…
Read More about New Malware Variants Serve Bogus CloudFlare DDoS Captcha
All software has bugs — but some bugs can lead to serious security vulnerabilities that can impact your website and traffic. Vulnerabilities can be especially dangerous when your software is…
Read More about A Guide to Virtual Patching for Website Vulnerabilities
Bad actors often look for clever ways to boost the rankings and visibility of their spam pages in search. One of the many black hat SEO injections that we regularly…
Read More about Gambling Spam in Visual Composer Raw HTML Element: [vc_raw_html]
When a website is hacked symptoms can sometimes include unexpected, unfamiliar and strangely located favicon or .ico files. Other symptoms might include: ”This site may be hacked” warnings Strange redirects…
Read More about How to Find & Remove Malware in Favicon (.ico) Files
A frustrating interruption to anyone’s day is the infamous 500 internal server error. When it happens not only do you lose traffic or potential site revenue, but it can also…
Read More about What Is a 500 Internal Server Error & How to Fix It
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help…
Read More about WordPress Vulnerabilities & Patch Roundup — August 2022
Every once in a while, we get a glimpse into the strange behavior that happens after a site is compromised. Hacked websites are known to result in a plethora of…
Read More about Post-Hack Instructions: SEO Spam & 404 Errors in Search Console
Since 2020 considerable attention has been spent analysing the emergence of MageCart malware within WordPress environments which most commonly affects sites using WooCommerce. As demonstrated in a previous post WordPress…
Read More about Examining Less-Common WordPress Credit Card Skimmers
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks performed by WAF/CDN services which…
Read More about Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads
Earlier this June, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned by our remediation team in…
Read More about SocGholish: 5+ Years of Massive Website Infections
