Update to the Superpuperdomain2.com malware
David Dede Just a quick update to the Superpuperdomain2.com/Superpuperdomain.com malware infection that has been affecting thousands of WordPress sites with the vulnerable timthumb.php script. You can read…
Browsing Category
WordPress Security
672 posts
WordPress Sites Hacked with Superpuperdomain2.com
A few days ago we posted about a series of attacks that were happening against WordPress sites running the vulnerable timthumb.php script. We detected thousands…
WordPress Sites Hacked with Superpuperdomain dot com (Attacking Timthumb.php)
We are seeing a large number of WordPress sites compromised with a malicious JavaScript loading from superpuperdomain.com/count.php. That JavaScript redirects visitors that were going to…
Timthumb Security Vulnerability – List of Themes
The Timthumb 0-day security vulnerability is generating a lot of noise and for good reason. If you have a theme that includes TimThumb, your site…
Timthumb.php Security Vulnerability – Just the Tip of the Iceberg
There has been some buzz about a zero day vulnerability found in Timthumb.php that can allow for arbitrary file uploads. Although this is a platform…
Keeping Your WordPress Themes Updated
Dre Armeda We talk a lot about keeping WordPress and the plugins you use updated. That’s great and all, but you also have to remember that it…
Python: No such file or directory – Your site is likely compromised
If you run a WordPress site and you are seeing the following error at the top of your pages: sh: /usr/local/bin/python: No such file or directory…
WordPress 3.2 and PHP support – Security effect
WordPress 3.2 is going to be released very soon and one of the biggest changes is that they will drop support for PHP4 and all…
WordPress 3.1.4 available – Time to update
If you are running WordPress, it is time to update it now. WordPress v3.1.4 was just released with security fixes for all the previous versions…
WP-phpmyadmin WordPress plugin – Delete it now
If you are using the WP-phpmyadmin WordPress plugin, delete it now. We are seeing multiple sites getting hacked through it and we are investigating what…
WordPress plugins hacked – Understanding the backdoor
If you haven’t heard about it already, yesterday three popular WordPress plugins (AddThis, WPtouch, and W3 Total Cache) had a malicious backdoor added to them…