What is .htaccess Malware? (Detection, Symptoms & Prevention)
Ben Martin The .htaccess file is notorious for being targeted by attackers. Whether it’s using the file to hide malware, redirect search engines to other sites with…
Sucuri WordPress Plugin Updates for 2024
Rianna MacLeod At Sucuri, we believe in making the internet safe for everyone. One way we show this is through our free WordPress security plugin. The Sucuri…
New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3
Puja Srivastava In January, my colleague reported about a new Balada Injector campaign found exploiting a recent vulnerability in the widely-used Popup Builder WordPress plugin which was…
From Web3 Drainer to Distributed WordPress Brute Force Attack
Denis Sinegubko Two weeks ago we discussed a new development in website hacks: Web3 crypto wallet drainers. We’ve been closely following the most significant variant which injects…
New Wave of SocGholish Infections Impersonates WordPress Plugins
SocGholish malware, otherwise known as “fake browser updates”, is one of the most common types of malware infections that we see on hacked websites. This…
WordPress Vulnerability & Patch Roundup February 2024
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
WordPress Hacked: What to Do When Your Site is Compromised
OK – your WordPress site is hacked. Now what? Questions we frequently get from new users are, “Why was my WordPress site hacked?” and “What…
Web3 Crypto Malware: Angel Drainer Overview, Variants & Stats
Since January 2024, there has been a notable surge in attacks by a novel form of website malware targeting Web3 and cryptocurrency assets. This malware,…
Remote Access Trojan (RAT): Types, Mitigation & Removal
Remote Access Trojans (RATs) are a serious threat capable of giving attackers control over infected systems. This malware stealthily enters systems (often disguised as legitimate…
What Is DDoSing & How To Tell if You Are DDoSed
Stephen Johnston Nowadays, the term DDoS — or Distributed Denial of Service — raises the heart rate of most webmasters. Though many don’t know exactly what DDoSing…
What is HTTP Error 403 & How to Fix It
Error 403 – Forbidden can be a frustrating interruption to anyone’s day. This common error can lead to exasperated website visitors, even resulting to lost…