Website Security News
A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the code from some of the most popular PHP web shells, like WSO or b374k. After all, if these popular (and readily…
We often see hackers reusing the same malware, with only a few new adjustments to obfuscate the code so that it is more difficult for scanning tools to detect. However,…
Read More about R_Evil WordPress Hacktool & Malicious JavaScript Injections
Our free SiteCheck tool helps website owners remotely scan their website to detect malware infections, blacklisting status, website errors, and other anomalies. Scanning a website’s external HTML source code provides…
PHP hack tools are created and used by attackers to help automate frequent or tedious tasks. During a recent investigation, we came across a hack tool used to simplify the…
Malicious pop-ups and redirects have become two extremely common techniques used by attackers to drive traffic wherever they want. \ During a recent investigation, we came across an obfuscated pop-up…
In an attempt to avoid detection, attackers and malware authors are always experimenting with different methods to obfuscate their malicious code. During a recent investigation, we came across an interesting…
Read More about Backdoor Obfuscation: tempnam & URL Encoding
Our team recently came across a malicious script used on a Magento website titled gstaticapi, which targeted checkout processes to capture and exfiltrate stolen information. To obtain sensitive details, the…
Read More about Magento Credit Card Stealing Malware: gstaticapi
Website reinfections are a serious problem for website owners, and it can often be difficult to determine the cause behind the reinfection — especially if you lack access to necessary…
Read More about The Hidden PHP Malware that Reinfects Cleaned Files
An XML sitemap is an important part of a website’s SEO and exists to help search engine crawlers index new URLs on your website. For example, if a site has…
This is a mid-month update to our regular Monthly Vulnerability Digest, which reveals a number of new patches for disclosed vulnerabilities. Plugin Vulnerability Patched Version Installs Elementor Page Builder Authenticated…
If you want to easily download and save remote files, curl is an excellent command-line tool for Windows and Unix. It supports HTTP, HTTPS, and FTP protocols and allows for…
