How to Make Your Website GDPR Compliant
Kyle Knight There is a straightforward reason GDPR keeps legal teams awake at night: fines can reach £17,500,000 or 4% of global annual revenue, whichever is higher.…
Malicious JavaScript Injects Fullscreen Iframe On a WordPress Website
Puja Srivastava Last month, we came across an ongoing JavaScript-based malware campaign affecting compromised websites. The malware injects a fullscreen iframe that silently loads content from a…
Understanding SQL Injection and How to Prevent Attacks
SQL injection, also known as SQLi, is a technique that targets websites and apps using SQL databases. It works by inserting SQL code into a…
SEO Spam Removal: Protect Search Rankings Before Blocklists Do
SEO spam used to be just annoying, but now it’s a huge moneymaker for organized crime. These groups are pushing fake meds, illegal gambling, and…
WordPress Vulnerability & Patch Roundup — July 2025
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Why Your Website Might Be Throwing a 421 SNI Error (And What to Do About It)
Marc Kranat So, your support team is suddenly flooded with tickets about “421 Misdirected Request” errors, and you’re wondering if the internet is just having a bad…
Unauthorized Admin User Created via Disguised WordPress Plugin
Recently at Sucuri, we investigated a malware case reported by one of our clients. Their WordPress site was compromised, and the attacker had installed a…
Uncovering a Stealthy WordPress Backdoor in mu-plugins
Recently, our team uncovered a particularly sneaky piece of malware tucked away in a place many WordPress users don’t even know exists: the mu-plugins folder.…
Product Update – New Backups Platform
Victor Santoyo Sucuri is pleased to announce the completion of a product upgrade with our new Backups platform. For those already subscribed to our Backups platform, you…
WordPress Redirect Malware Hidden in Google Tag Manager Code
Last month, a customer contacted us after noticing their WordPress website was unexpectedly redirecting to a spam domain. The redirection occurred approximately 4-5 seconds after…
Stealthy PHP Malware Uses ZIP Archive to Redirect WordPress Visitors
Last month, a customer contacted us, concerned about persistent and inexplicable redirects on their WordPress website. Our investigation quickly unearthed a sophisticated piece of malware…