Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now
WordPress Vulnerability
  • Vulnerability Disclosure

Insufficient Privilege Validation in NextScripts: Social Networks Auto-Poster

  • John Castro
  • September 4, 2020
NextScripts: Social Networks Auto-Poster is a plugin that  automatically publishes posts from your blog to your Social Media accounts such as Facebook, Twitter, Google+, Blogger,…
Read the Post
WordPress Vulnerability
  • Vulnerability Disclosure
  • WordPress Security

Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

  • Antony Garand
  • September 2, 2020
Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website. Users of…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Using assert() to Execute Malware in PHP 7 Environments

  • Krasimir Konov
  • September 1, 2020
Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x,…
Read the Post
Labs Note
  • Sucuri Labs

Persistent WordPress User Injection

  • Krasimir Konov
  • August 28, 2020
Our team recently stumbled across an interesting example of malicious code used to add an arbitrary user inside WordPress. The following code was detected at…
Read the Post
Backdoor SQL Trigger
  • Sucuri Labs
  • Website Security

Magento Multiversion (1.x/2.x) Backdoor

  • Luke Leal
  • August 26, 2020
The Magento 1 EOL date has already passed, however it’s evident that a large number of websites will continue to use it for the foreseeable…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

COVID-19 Chloroquine Pharmaspam

  • Luke Leal
  • August 20, 2020
A recent SiteCheck scan of an organization’s website showed an interesting pharmacy spam injection targeting COVID-19-related pages of websites. The HTML that was flagged by…
Read the Post
Anatomy of a credit card stealer
  • Ecommerce Security
  • Magento Security
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

CDN-Filestore Credit Card Stealer for Magento

  • Krasimir Konov
  • August 18, 2020
During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised data to the malicious domain…
Read the Post
From .tk Redirects to PushKa Browser Notification Scam
  • Security Education
  • Sucuri Labs
  • Website Security

Web Crawler & User Agent Blocking Techniques

  • Luke Leal
  • August 14, 2020
This is a simple script that allows hackers to block specific crawlers based upon website requests from specific user-agents. This is useful when you don’t…
Read the Post
Fake WordPress Plugin SiteSpeed Hosts Malicious Ads & Backdoors
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Smoker Backdoor: Evasion Techniques in Webshell Backdoors

  • Luke Leal
  • August 13, 2020
“Smoker Backdoor” is a PHP webshell backdoor that uses hexadecimal and decimal obfuscation in conjunction with the PHP function goto to evade detection from malware…
Read the Post
  • Sucuri
  • Website Security

How SSL Works with a Website Firewall

  • Art Martori
  • August 12, 2020
It’s no secret that a secure sockets layer (SSL) encrypts data as it moves between a visitor’s browser and the site host. For many people,…
Read the Post
Uncommon Radixes Obfuscation
  • Security Education
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

String Concatenation: Obfuscation Techniques

  • Krasimir Konov
  • August 12, 2020
While string concatenation has many valuable applications in development — such as making code more efficient or functions more effective — it is also a…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'