Website Security News
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important…
Read More about WordPress Vulnerability & Patch Roundup November 2022
On November 15th, Ben Martin reported a new type of WordPress infection resulting in the injection of SocGholish scripts into web pages. The attack loads zipped malicious templates from WordPress…
Most modern web browsers and search authorities like Google have a vested interest in protecting their users from malware. Warning messages like “This site may harm your computer” are a…
Read More about How to Fix the “This Site May Harm Your Computer” Warning
Readers of this blog should already be familiar with SocGholish: a widespread, years-long malware campaign aimed at pushing fake browser updates to unsuspecting web users. Once installed, fake browser updates…
Read More about New SocGholish Malware Variant Uses Zip Compression & Evasive Techniques
Attackers are always on the hunt for vulnerable websites. Whether you have a WordPress, Magento, or Joomla website — you’ll want to take steps to keep your site and server…
Consumers spent a whopping $33.9 billion during Cyber Week last year. With the average adult spending $430 on Black Friday alone, this period remains one of the biggest online shopping…
Read More about Black Friday & Cyber Monday Ecommerce Security Threats
Malware authors, with some notable exceptions, tend to design their malicious code to hide from sight. The techniques they use help their malware stay on the victim’s website for as…
Read More about Wordfence Evasion Malware Conceals Backdoors
Imagine for a moment that you’re searching for a topic. You find what you’re looking for on the first page of Google’s search results and click through to the website….
Read More about What is the 503 Service Unavailable Error & How to Fix It
A malware attack is the act of injecting malicious software to infiltrate and execute unauthorized commands within a victim’s system without their knowledge or authorization. The objectives of such an…
When attackers shift up their campaigns, change their payload or exfiltration domains, and put some extra effort into hiding their malware it’s usually a telltale sign that they are making…
Read More about New Malware Variants Serve Bogus CloudFlare DDoS Captcha
All software has bugs — but some bugs can lead to serious security vulnerabilities that can impact your website and traffic. Vulnerabilities can be especially dangerous when your software is…
Read More about A Guide to Virtual Patching for Website Vulnerabilities
