Vulnerability & Patch Roundup — February 2025
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Fake WordPress Plugin Impacts SEO by Injecting Casino Spam
Kayleigh Martin Injecting malware via a fake WordPress plugin has been a common tactic of attackers for some time. This clever method is often used to bypass…
WordPress ClickFix Malware Causes Google Warnings and Infected Computers
Ben Martin Since December of last year there has been a new fake Google reCAPTCHA campaign making its way through the WordPress world. Very similar to malware…
When Spam Hides In Plain Sight
Matt Morrow We recently worked on an interesting case where Casino spam was visible in the page source, but couldn’t be located in any of the usual…
Hidden Backdoors Uncovered in WordPress Malware Investigation
Puja Srivastava At Sucuri, we often encounter cases where malware is deeply embedded in websites, hidden in files and scripts that can easily escape detection. In this…
Magento Credit Card Stealer Disguised in an <img> Tag
Recently, we had a client come to us concerned that their website was infected with credit card stealing malware, often referred to as MageCart. Their…
Google Tag Manager Skimmer Steals Credit Card Info From Magento Site
At Sucuri, we are committed to protecting websites from malware and other cyber threats. Recently, we were contacted by a customer who had experienced credit…
Vulnerability & Patch Roundup — January 2025
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience
Kyle Knight We’re excited to announce that the Sucuri Web Application Firewall (WAF) now supports HTTP/3, the latest version of the HTTP protocol. This upgrade brings significant…
Malware Redirects WordPress Traffic to Harmful Sites
Recently, a customer approached us after noticing their website was redirecting visitors to a suspicious URL. They suspected their site had been compromised and sought…
Backdoors: The Hidden Threat Lurking in Your Website
Website backdoors are a silent yet deadly threat to website security. These stealthy mechanisms bypass standard authentication, providing attackers with persistent, unauthorized access to a…