Pharma Spam Redirects to .su & .eu Sites
Denis Sinegubko We regularly clean all sorts of black hat SEO infections. During these infection cleanups, we often find compromised websites redirecting visitors to fake “Canadian Pharmacy”…
Browsing Category
WordPress Security
646 posts
Data URLs and HTML Entities in New WordPress Malware
Last week, an ongoing WordPress malware campaign started a new wave which included a variety of experimental injection types. Scripts as Data URLs The first…
Fake UpdraftPlus Plugins
We often find various fake WordPress plugins installed by hackers during website cleanups. Recently, we’ve noticed a new wave of infections that install fake plugins…
Cryptominers & Backdoors Found in Fake Plugins
Krasimir Konov When cleaning websites, we regularly find phishing pages, malicious code injected into files, and SEO spam. However, over the past couple of months we’ve also…
Plugins added to Malware Campaign: September 2019
John Castro This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
A New Wave of Buggy WordPress Infections
We’ve been following an ongoing malware campaign for the past couple of years now. This campaign is renowned for its prompt addition of exploits for…
Raising Awareness: WPBeginner Spotlight
Chase Watts We’re dedicated to creating the best website security guides and professional services. One way we get our message out is by partnering with open-source CMS…
Plugins Under Attack: August 2019
This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Fake Human Verification Spam
Luke Leal We recently released an update to our Labs Knowledgebase for new plugins that had been targeted during the month of July 2019. One of these…
Dissecting the WordPress 5.2.3 Update
Marc-Alexandre Montpas Last week, WordPress released version 5.2.3 which was a security and maintenance update, and as such, contained many security fixes. Part of our day to…
How to Audit & Cleanup WordPress Plugins & Themes
Pilar Garcia In an interview with Smashing Magazine our CoFounder (now Head of Security Products at GoDaddy) Tony Perez was asked the following question. What Makes WordPress…