jQuery.min.php Malware Affects Thousands of Websites


Fake jQuery injections have been popular among hackers since jQuery itself went mainstream and became one of the most widely adopted JavaScript libraries. Every now and then we write about such attacks. Almost every week we see new fake jQuery
Read More

vBulletin Exploits in the Wild


**Update: CheckPoint disclosed more details here: Check Point Discovers Critical vBulletin 0-Day. The vBulletin team patched a serious object injection vulnerability yesterday, that can lead to full command execution on any site running on an
Read More

Return of the EXIF PHP Joomla Backdoor


Our Remediation and Research teams are in constant communication and collaboration. It’s how we stay ahead of the latest threats, but it also presents an opportunity to identify interesting threats that aren’t new but may be reoccuring. Such as tod
Read More

WPScan Intro: WordPress Vulnerability Scanner


Have you ever wanted to run security tests on your WordPress website to see if it could be easily hacked? WPScan is a black box vulnerability scanner for WordPress sponsored by Sucuri and maintained by the WPScan Team, available free for Linux and
Read More

Joomla SQL Injection Attacks in the Wild


Last week, the Joomla team released an update to patch a serious vulnerability on Joomla 3.x. This vulnerability is an SQL injection (CVE-2015-7858) that allows for an attacker to take over a vulnerable site with ease. We predicted that the attacks
Read More

Joomla 3.4.5 Released, Fixing a Serious SQL Injection Vulnerability


The Joomla team just released a new Joomla version (3.4.5) to fix some serious security vulnerabilities. The most critical one is a remote and unauthenticated SQL injection on the com_contenthistory module (included by default) that allows for a full
Read More

Massive Magento Guruincsite Infection


We are currently seeing a massive attack on Magento sites where hackers inject malicious scripts that create iframes from "guruincsite[.]com". Google already blacklisted about seven thousand sites because of this malware. There are two mo
Read More

Security Advisory: Stored XSS in Akismet WordPress Plugin


Security Risk: Dangerous Exploitation Level: Easy/Remote DREAD Score: 9/10 Vulnerability: Stored XSS Patched Version:  3.1.5 During a routine audit for our WAF, we discovered a critical stored XSS vulnerability affecting Akismet,
Read More

Redirect to Microsoft Word Macro Virus

PHP code redirects to malicious Microsoft Word document

These days we rarely see Microsoft Word malware on websites, but it still exists and compromised websites can distribute this kind of malware as well. It's not just email attachments when it comes to sharing infected documents. For example, this
Read More

Brute Force Amplification Attacks Against WordPress XMLRPC

BruteForce Banner

Brute Force attacks are one of the oldest and most common types of attacks that we still see on the Internet today. If you have a server online, it's most likely being hit right now. It could be via protocols like SSH or FTP, and if it's a web
Read More