An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This…
This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in…
Malware obfuscation comes in all shapes and sizes — and it’s sometimes hard to recognize the difference between malicious and…
This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found…
Last week, an ongoing WordPress malware campaign started a new wave which included a variety of experimental injection types. Scripts…
We often find various fake WordPress plugins installed by hackers during website cleanups. Recently, we’ve noticed a new wave of…
When cleaning websites, we regularly find phishing pages, malicious code injected into files, and SEO spam. However, over the past…
We’ve been following an ongoing malware campaign for the past couple of years now. This campaign is renowned for its…
We recently released an update to our Labs Knowledgebase for new plugins that had been targeted during the month of…
In the past four months, Sucuri has seen an increase in the number of plugins affected by the misuse of …