WooCommerce Credit Card Skimmers Concealed In Fake Images
Matt Morrow Our research and remediation teams have noticed an increase in WooCommerce credit card skimmers on client sites over the past few years, as detailed in…
Browsing Category
WordPress Security
639 posts
Hacked Website Threat Report 2021
Ben Martin Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put…
WordPress Vulnerabilities & Patch Roundup — April 2022
Antony Garand Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Keeping Up With PHP Updates
Ashley Sand Staying on top of critical security risks and vulnerabilities is imperative for the safety of your website. Some of the types of threats impacting our client…
Critical RCE Vulnerability in Elementor WordPress Plugin
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was…
The Case for 2FA by Default for WordPress
Administrator panel compromises are one of the most common attacks that everyday WordPress website admins face. We work with thousands of clients who have encountered…
WordPress Overtakes Magento in Credit Card Skimmers
One of the most important monitoring tools in our security platform is our Sucuri SiteCheck scanner. It’s a free tool to scan your website for…
WordPress Popunder Malware Redirects to Scam Sites
Over the last year we’ve seen an ongoing malware infection which redirects website visitors to scam sites. So far this year our monitoring has detected…
The Mystery Admin User
One of our clients recently submitted a malware removal request with a curious problem: A mystery admin user kept getting re-created on their website. Try…
Website Malware Guide: How to Fix the WordPress Redirect Hack
If you’ve recently discovered that your WordPress site is redirecting other sites or unwanted ads, then your website may have been hacked. The WordPress redirect…
Attackers Abuse Poorly Regulated Top-Level Domains in Ongoing Redirect Campaign
One of the more common infections that we see are site-wide redirects to spam and scam sites, achieved by attackers exploiting newly found vulnerabilities in…