Archive For: WordPress Security
-
February 6, 2025
Categories:
-
At Sucuri, we are committed to protecting websites from malware and other cyber threats. Recently, we were contacted by a customer who had experienced credit card data theft from their Magento-based eCommerce website. After an extensive investigation, we were able to trace the malware responsible for what was happening back to the Google Tag Manager... Read More
-
January 31, 2025
Categories:
-
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this... Read More
-
January 28, 2025
Categories:
-
We’re excited to announce that the Sucuri Web Application Firewall (WAF) now supports HTTP/3, the latest version of the HTTP protocol. This upgrade brings significant performance improvements and enhanced security features to all websites protected by our WAF. The best part? It works automatically – if your visitor’s browser supports HTTP/3, they’ll immediately benefit from... Read More
-
January 23, 2025
Categories:
-
Recently, a customer approached us after noticing their website was redirecting visitors to a suspicious URL. They suspected their site had been compromised and sought assistance in identifying and resolving the issue. This prompted a deeper investigation into the infection and its behavior. What did we see? The website’s redirects were leading to hxxps://cdn1[.]massearchtraffic[.]top/sockets. Continue... Read More
-
January 21, 2025
Categories:
-
Today, we at Wordfence are excited to announce a groundbreaking addition to our Wordfence Bug Bounty Program: the Refer-A-Researcher Program! Refer new researchers to our program and earn commissions when they submit valid vulnerabilities. This is a great opportunity to earn even more with the Wordfence Bug Bounty Program – already the highest paying bug... Read More
-
January 17, 2025
Categories:
-
Website backdoors are a silent yet deadly threat to website security. These stealthy mechanisms bypass standard authentication, providing attackers with persistent, unauthorized access to a website’s backend. Often overlooked, backdoors allow cybercriminals to maintain access long after an initial breach. Understanding the risks they pose and how to mitigate them is essential for website owners... Read More
-
January 16, 2025
Categories:
-
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest. Last week,... Read More
-
January 15, 2025
Categories:
-
While investigating a compromised WordPress site, we discovered a malware infection causing Japanese spam links to appear in Google search results. Although the site had been cleaned, Google was still crawling and indexing spammy URLs, which impacted the site’s SEO and credibility. Japanese SEO Spam: A Common Threat Japanese SEO spam is a recurring issue... Read More
-
January 9, 2025
Categories:
-
Recently, we released an article where a credit card skimmer was targeting checkout pages on a Magento site. Now we’ve come across sophisticated credit card skimmer malware while investigating a compromised WordPress website. This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment details. The malware... Read More
-
January 9, 2025
Categories:
-
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest. Special Note:... Read More
Tap To Call