Global CyberSecurity
Malicious WordPress Plugin Creates Hidden Admin User Backdoor
Post Views: 506 I recently wrote about a case where a malicious plugin was used to steal admin credentials. Here we will examine ...
Global CyberSecurity
Analysis of a Malicious WordPress Plugin: The Covert Redirector
Post Views: 1,295 A few weeks ago, we received a support request from a website owner who was experiencing unexpected redirects. Visitors landed ...
Global CyberSecurity
Understanding SSRF: Abusing Server Trust from the Inside Out
Post Views: 1,322 In our daily interactions online, trust is a fundamental currency. We trust servers to handle our data, process our requests, ...
Global CyberSecurity
Fake WordPress Caching Plugin Used to Steal Admin Credentials
Post Views: 346 A common trend we see is that bad actors will upload malicious plugins to WordPress sites. These plugins serve a ...
Global CyberSecurity
Vulnerability & Patch Roundup — May 2025
Post Views: 1,282 Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are ...
Global CyberSecurity
What Motivates Website Malware Attacks?
Post Views: 1,288 The depiction in the media of hackers tends to be that of balaclava-wearing villains who type furiously in a dark ...
Global CyberSecurity
Fake Java Update Popup Found in Malicious WordPress Plugin
Post Views: 1,294 We recently assisted a customer who reported a persistent and concerning “Java Update” pop-up appearing on their WordPress website. This ...
