Global CyberSecurity
Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites
Post Views: 1,789 Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access ...
Global CyberSecurity
Using assert() to Execute Malware in PHP 7 Environments
Post Views: 1,443 Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the ...
Global CyberSecurity
Persistent WordPress User Injection
Post Views: 1,613 Our team recently stumbled across an interesting example of malicious code used to add an arbitrary user inside WordPress. The ...
Global CyberSecurity
Magento Multiversion (1.x/2.x) Backdoor
Post Views: 2,271 The Magento 1 EOL date has already passed, however it’s evident that a large number of websites will continue to ...
Global CyberSecurity
COVID-19 Chloroquine Pharmaspam
Post Views: 1,866 A recent SiteCheck scan of an organization’s website showed an interesting pharmacy spam injection targeting COVID-19-related pages of websites. The ...
Global CyberSecurity
CDN-Filestore Credit Card Stealer for Magento
Post Views: 1,954 During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised ...
Global CyberSecurity
Web Crawler & User Agent Blocking Techniques
Post Views: 1,931 This is a simple script that allows hackers to block specific crawlers based upon website requests from specific user-agents. This ...
