Unwanted “Shorte St” Ads in Unpatched Newspaper Theme
Fernando Barbosa Unwanted ads are one of the most common problems that site owners ask us to solve. Recently, we’ve noticed quite a few requests to remove…
Browsing Category
WordPress Security
672 posts
Yet Another Expired Domain causes WP Plugin to Redirect Users
Krasimir Konov Malicious redirects are very common in compromised websites. Attackers try to take advantage of the site resources to promote spam, distribute other malware/backdoors, and perform…
When Your Plugins Turn Against You
Cesar Anjos Every day we face countless cases of sites getting compromised and infected by an attacker. From there, the sites can be used for various operations…
Spotlight: How a Digital Marketing Agency Secures Client Sites
Nikki Gerren Based in Melbourne, Australia for over 17 years, 24Digital knows what it takes to succeed in the ever-evolving digital marketing space which is no longer…
Fake WordPrssAPI Stealing Cookies and Hijacking Sessions
Cookies are stored in the user’s browser to track behavior on a specific website. They also keep a user logged in during the active browsing…
WordPrssAPI Steals Your Cookies
Cookies are an important part of a visiting session on a website. It is used not only to keep track of actions taken on a…
Website Malware: Unwanted Exit to YourBrexit
Denis Sinegubko Some website hacks aim to make some political statements. Defacements are well known for this. Some infections redirect visitors to scam sites that push (usually…
WordPress Security – Unwanted Redirects via Infected JavaScript Files
We’ve been watching a specific WordPress infection for several months and would like to share details about it. The attacks inject malicious JavaScript code into…
Malicious Subdirectories Strike Again
In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites.…
Attackers Silently add new user with Administrator role to WordPress sites
Yuliyan Tsvetkov Attackers tend to get smarter in order to avoid detection, as well as gain access to your WordPress site. They use legit functions of the…
SEO Spam Campaign Exploiting WordPress REST API Vulnerability
Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many hosting companies, there…