92% of Attackers Are Invisible to Your Server's Default Defense How threshold-based security tools like Fail2ban and Imunify360 miss the vast majority of malicious traffic January 2026 The Promise Fail2ban and Imunify360 are staples...
Read MoreWhy User-Agent Blocking Doesn't Work: We Caught One IP Pretending to Be 4 Different Bots January 2026 We recently caught a single IP address pretending to be four different legitimate bots—all in...
Read MoreThe Hidden Cost of Compromised Customers Why Hosting Companies Are Losing the Abuse Battle — And How to Flip the Script January 2026 Every hosting company has an abuse queue. And every abuse...
Read More16.29 Million Access Logs Analyzed: What We Learned About Global WordPress Attacks November 29, 2025 Over the past 11 days, our global threat detection infrastructure has been running hot—processing 16.29 million access...
Read MoreFirst, I'd like to compliment Sucuri on a fine, detailed analysis of the Sign1 Malware. Kathy Zant has also analyzed this on her YouTube channel. A quick recap first, in the unlikely...
Read MoreSometimes, while determining root cause of a website infection, we see many new methods. However, recently we've been seeing the same old tactics hackers have been using for years. A recent...
Read MoreIntroduction WordPress Security is full of myths that have no basis in reality or data. A particularly pervasive one is the unsubstantiated claim that “95% of WordPress hacks are due to outdated...
Read MoreMany people have received notifications from their cloud server provider indicating their server's IP address has been reported as attacking other websites. We Watch Your Website's services have been used frequently...
Read MoreIn the past 30 days we’ve seen a new attack vector on WordPress websites - management consoles. First, a disclaimer. The infections discussed here are NOT the result of faulty programming...
Read MoreAlmost 60K infected sites had installed a WordPress security plugin with a malware scanner. This report is intended to answer questions and add context to our recently announced discovery of tens...
Read MoreOkay, WordPress people, check this out by Brian Krebs: https://krebsonsecurity.com/2022/01/crime-shop-sells-hacked-logins-to-other-crime-shops/ What's important to note is this: "One example is Genesis Market, where customers can search for stolen credentials and authentication cookies from a...
Read More
Latest SPAM tricks In your work, is there anything that would stop you from reaching your goals? Probably not. Hackers, or cyber criminals as some call them, are the same way. Their income...
Read More
We just received a notification: We are getting in touch to let you know about a stored XSS and a CSRF vulnerability in the Avada WordPress Theme versions prior to 5.1.5...
Read More
I had been preparing this write-up for over a week now, but I see that SiteLock beat me to the punch in their blog. As some of you know, we specialize...
Read More
There seems to be a renewed infection of websites based on WordPress, Joomla and other popular website platforms, with some malicious javascript that has been around for awhile. The code referred...
Read More
Investigating some interesting entries in log files from our customers, we see that hackers apparently are still looking for infected WordPress websites. First we see this: (IP address blanked to protect the infected) -...
Read MoreI get real tired of people reading something online and then thinking it's the real truth. Of course, this blog post falls into that category too, but I will explain. Over...
Read More