Archive For: Security Tips
-
April 22, 2025
Categories:
-
When something goes wrong with a website – whether it is a broken design, slow performance, shows an error message or something else, it is sometimes difficult to find the exact cause of the issue just by looking at the page. That’s where the HAR files or browser console errors come into play. These in-built... Read More
-
April 17, 2025
Categories:
-
Most often bad actors try their best to hide their activities by using obfuscated code or by uploading fake plugins or themes that inject simple but malicious scripts into a site. Every now and then we encounter a case where legitimate software is used for malicious purposes. We recently uncovered a case where Sypex Dumper,... Read More
-
April 15, 2025
Categories:
-
Recently, we’ve encountered cases where WordPress websites were impacted by Google Adsense hijackers. Attackers inject advertisements and scripts that steal website resources and pump ad views for their adsense accounts. This is not the first time we’ve seen attackers abusing popular Google services. In a previous case, we discovered a credit card skimmer hiding inside... Read More
-
April 10, 2025
Categories:
-
Recently, a client of ours came to us concerned about credit card theft on their WordPress site. The client’s users reported that their credit card data had become compromised shortly after purchasing products on our client’s website. When investigating the site, two suspicious symptoms appeared: A strange credit card form, and an unfamiliar domain, which... Read More
-
March 31, 2025
Categories:
-
Updating your website means getting files to your server, but the process can feel like a chore when simply navigating in a conventional hosting panel. FTP and SFTP are essential tools for managing files on your server. Whether you’re uploading website content or downloading backups, these protocols offer a straightforward method to handle your site’s... Read More
-
March 31, 2025
Categories:
-
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this... Read More
-
March 28, 2025
Categories:
-
At Sucuri, our security researchers continually monitor for new malware variants and infection techniques targeting WordPress websites. Recently, we’ve uncovered multiple cases where threat actors are leveraging the mu-plugins directory to hide malicious code. This approach represents a concerning trend, as the mu-plugins (Must-Use plugins) are not listed in the standard WordPress plugin interface, making... Read More
-
March 27, 2025
Categories:
-
Magento remains a popular ecommerce platform in 2025 and its security patches play a vital role in addressing vulnerabilities that could otherwise be exploited by attackers. These patches help prevent issues like data breaches, website defacement, or unauthorized access, ensuring the safety of customer data and store operations. Given the platform’s widespread use, staying updated... Read More
-
March 19, 2025
Categories:
-
Today’s blog post will be a follow up to a previous article we posted a few weeks ago: We continue to see new variants of this malware campaign emerge. WordPress websites continue to be used as staging grounds to trick website visitors into running malicious powershell commands on their Windows computers in order to infect... Read More
-
March 14, 2025
Categories:
-
The battle against e-commerce malware continues to intensify, with attackers deploying increasingly sophisticated tactics. In a recent case at Sucuri, a customer reported suspicious files and unexpected behavior on their WordPress site. Upon deeper analysis, we discovered a complicated infection involving multiple components: a credit card skimmer, a hidden backdoor file manager, and a malicious... Read More
Tap To Call