MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer
Ben Martin One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus…
What is a Content Security Policy (CSP)
Gerson Ruiz It’s always a good idea to be aware of the security issues that might affect your site. For example, cross-site scripting (XSS) attacks consist of…
Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign
Denis Sinegubko On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators. WordPress sites owners had started receiving emails from WordPress.com…
Critical RCE Vulnerability Patched in Backup Migration Plugin
Sucuri Malware Research Team On December 6th, 2023, the WordPress plugin Backup Migration received a critical security patch for a remote code execution vulnerability. Details were released five days…
WPScan Intro: How to Scan for WordPress Vulnerabilities
Rianna MacLeod In this post, we will look at how to use WPScan as a WordPress vulnerability scanner. This security tool provides you with a better understanding…
40 New Domains of Magecart Veteran ATMZOW Found in Google Tag Manager
Hackers like Google Tag Manager: millions of sites use it, and they can inject custom scripts and HTML code via a script from the highly…
Common Website Hacking Techniques
Website hacking — the act of exploiting weaknesses to gain unauthorized access to a website, database, cPanel, or admin dashboard — is a reality that…
Skimming Credit Cards with WebSockets
If you were to believe shopping mall merchants, you’d think the holiday season starts immediately after Halloween. Christmas trees and candy canes abound, along with…
HTTPS Protocol: What is the Default Port for SSL & Common TCP Ports
Marc Kranat SSL port numbers serve as communication endpoints for transmitting or receiving data. One of the primary functions of these ports is to establish a secure…
WordPress Vulnerability & Patch Roundup November 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Troubleshooting WordPress: How to Fix the White Screen of Death (WSoD)
Navigating to your WordPress site only to be met with the White Screen of Death (WSoD) can be a daunting experience. This error denies access…