Researchers analyzed a new stealthy credit card skimmer that targets WordPress checkout pages by injecting malicious JavaScript into the WordPress…
Cybercriminals have developed PhishWP, a malicious WordPress plugin, to facilitate sophisticated phishing attacks, which enable attackers to create convincing replicas…
Researchers have identified a new variant of the ClickFix fake browser update malware distributed through malicious WordPress plugins. These plugins,…
The SocGholish downloader has been in operation since 2017 and it is still evolving. This malware, which poses as a…
Infected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request seemingly innocuous clicks, resembling past CAPTCHA…
A client's website was experiencing random pop-ups as server side scanner logs revealed a JavaScript injection related to Sign1, which…
A recent surge in attacks from a new malware campaign exploits a known vulnerability in the WordPress plugin Popup Builder, infecting over…
Researchers recently uncovered distributed brute force attacks on target WordPress websites using the browsers of innocent site visitors. A recent increase…
KingComposer, a WordPress plugin found installed with over 100,000 WordPress sites found vulnerable to Reflected Cross-Site Scripting. The vulnerability was…
Cybercriminals launched more than 130 million attacks aiming to harvest database credentials from 1.3 million Wordpress sites. In this massive…