Contact Form Spam Attack: An Innocent Feature Caused a Massive Problem
Gabriel Barbosa How a simple “Send a copy to yourself” feature led to 149,700 spam emails and what you can do to prevent it The Emergency Call…
Browsing Tag
WordPress Plugins and Themes
318 posts
Malvertising Campaign Hides in Plain Sight on WordPress Websites
Puja Srivastava Recently, one of our customers noticed suspicious JavaScript loading across their WordPress website. Visitors were being served third-party scripts that the site owner never installed.…
Vulnerability & Patch Roundup — September 2025
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Troubleshooting WordPress: How to Fix the White Screen of Death (WSoD)
Rianna MacLeod Navigating to your WordPress site only to be met with the White Screen of Death (WSoD) can be a daunting experience. This error denies access…
Hidden WordPress Backdoors Creating Admin Accounts
During a recent cleanup of a compromised WordPress website, we discovered two different malicious files designed to silently manipulate administrator accounts. Attackers often inject such…
Choosing the Best CMS for Your Needs
Kyle Knight Knowing which is the right CMS is key when launching a new site. Websites are no longer just online brochures; they’re where businesses sell products,…
Vulnerability & Patch Roundup — August 2025
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Locking Down the WordPress Login Page
Due to its flexibility, ease of use, and massive plugin ecosystem, WordPress is a favorite among bloggers, developers, and businesses alike. Given its popularity, attackers…
Malicious JavaScript Injects Fullscreen Iframe On a WordPress Website
Last month, we came across an ongoing JavaScript-based malware campaign affecting compromised websites. The malware injects a fullscreen iframe that silently loads content from a…
WordPress Vulnerability & Patch Roundup — July 2025
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Unauthorized Admin User Created via Disguised WordPress Plugin
Recently at Sucuri, we investigated a malware case reported by one of our clients. Their WordPress site was compromised, and the attacker had installed a…