Unmasking “Free” Premium WordPress Plugins
Denis Sinegubko WordPress has a large repository of free plugins (currently 30,000+) that can add almost any functionality to your blog. However, there is still a market…
Browsing Category
WordPress Security
680 posts
Security Exploit Patched on vBulletin – PHP Object Injection
Daniel Cid The vBulletin team just issued a warning, and released patches for a security exploit that affected all versions of vBulletin including 3.5, 3.6, 3.7, 3.8,…
Understanding Denial of Service and Brute Force Attacks – WordPress, Joomla, Drupal, vBulletin
Tony Perez Many are likely getting emails with the following subject header: Large Distributed Brute Force WordPress Attack Underway – 40,000 Attacks Per Minute. Just this week…
More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack
Distributed Denial of Service (DDoS) attacks are becoming a common trend on our blog lately, and that’s okay because it’s a very serious issue for…
New iFrame Injections Leverage PNG Image Metadata
Peter Gramantik We’re always trying to stay ahead of the latest trends, and today we caught a very interesting one that we have either been missing, or…
Recent OptimizePress Vulnerability Being Mass Infected
A few weeks ago we wrote about a file upload vulnerability in the OptmizePress theme. We were seeing a few sites being compromised by it,…
WordPress OptimizePress Theme – File Upload Vulnerability
We’re a few days short on this, but it’s still worth releasing as the number of attacks against this vulnerability are increasing ten-fold. The folks…
Phishing Emails to Install Malicious WordPress Plugins
When all else fails, the bad guys can always rely on some basic social engineering tactics with a little hit of phishing!! Over the weekend,…
Stealing Credit Cards – A WordPress and vBulletin Hack
What better way to celebrate Thanksgiving than to share an interesting case that involves two of the most popular CMS applications out there – vBulletin…
Another Fake WordPress Plugin – And Yet Another SPAM Infection!
We clean hundreds and thousands of infected websites, a lot of the cleanups can be considered to be somewhat “routine”. If you follow our blog,…
The Story of Clip:rect – A Black Hat SEO Trick
We regularly write about Black Hat SEO hacks here. Such hacks help hackers monetize their access to compromised sites by incorporating them into massive schemes…