15
Jan
Hunting WordPress Malware Hidden in Double-Encoded Page Builder Content A case study in persistence: When standard security tools fail, detective work begins. The Problem We have a customer who...
Read More
12
Jan
92% of Attackers Are Invisible to Your Server's Default Defense How threshold-based security tools like Fail2ban and Imunify360 miss the vast majority of malicious traffic January 2026 The Promise Fail2ban and Imunify360 are staples...
Read More
12
Jan
Why User-Agent Blocking Doesn't Work: We Caught One IP Pretending to Be 4 Different Bots January 2026 We recently caught a single IP address pretending to be four different legitimate bots—all in...
Read More
05
Jan
The Hidden Cost of Compromised Customers Why Hosting Companies Are Losing the Abuse Battle — And How to Flip the Script January 2026 Every hosting company has an abuse queue. And every abuse...
Read More
29
Nov
16.29 Million Access Logs Analyzed: What We Learned About Global WordPress Attacks November 29, 2025 Over the past 11 days, our global threat detection infrastructure has been running hot—processing 16.29 million access...
Read More
25
Mar
First, I'd like to compliment Sucuri on a fine, detailed analysis of the Sign1 Malware. Kathy Zant has also analyzed this on her YouTube channel. A quick recap first, in the unlikely...
Read More
14
Mar
Sometimes, while determining root cause of a website infection, we see many new methods. However, recently we've been seeing the same old tactics hackers have been using for years. A recent...
Read More
03
Jan
Introduction WordPress Security is full of myths that have no basis in reality or data. A particularly pervasive one is the unsubstantiated claim that “95% of WordPress hacks are due to outdated...
Read More
06
Dec
Many people have received notifications from their cloud server provider indicating their server's IP address has been reported as attacking other websites. We Watch Your Website's services have been used frequently...
Read More
04
Oct
In the past 30 days we’ve seen a new attack vector on WordPress websites - management consoles. First, a disclaimer. The infections discussed here are NOT the result of faulty programming...
Read More
14
Jul
Almost 60K infected sites had installed a WordPress security plugin with a malware scanner. This report is intended to answer questions and add context to our recently announced discovery of tens...
Read More
22
Jan
Okay, WordPress people, check this out by Brian Krebs: https://krebsonsecurity.com/2022/01/crime-shop-sells-hacked-logins-to-other-crime-shops/ What's important to note is this: "One example is Genesis Market, where customers can search for stolen credentials and authentication cookies from a...
Read More
29
Dec
I understand that millions of people are concerned about WordPress Security. I also understand that people tend to follow others when it comes to things they don't fully understand -...
Read More
10
Nov
Since the beginning of November, I've been working on a number of websites (271) that all redirect to various sites, such as: Automated Malware Remediation As I started digging through the WordPress...
Read More
01
Nov
Latest SPAM tricks In your work, is there anything that would stop you from reaching your goals? Probably not. Hackers, or cyber criminals as some call them, are the same way. Their income...
Read More
04
Sep
We've been seeing this since June and have just made time to blog about it. Website malware hiding in plain sight Website malware has always been a moving target, but now the...
Read More
05
Jun
We hear it all the time, “What do hackers want with my little WordPress website?” Or, “How did they manage to find my WordPress website?” We’ll address both of those issues here. First,...
Read More
18
May
We just received a notification: We are getting in touch to let you know about a stored XSS and a CSRF vulnerability in the Avada WordPress Theme versions prior to 5.1.5...
Read More
11
Apr
I had been preparing this write-up for over a week now, but I see that SiteLock beat me to the punch in their blog. As some of you know, we specialize...
Read More
21
Mar
Google recently published a blog post stating that website infections were up in 32% in 2016 compared to the previous year. Some of you will be thinking, Yeah, you want to scare everyone...
Read More- 1
- 2