User Enumeration is the capacity to automatically figure out if a given account is valid on a system. By enumerating client accounts, you are at...
Do you own a WordPress site? Congratulations, the advanced security features of the platform will protect you for life…or so you’d like...
When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators...
Experts from the White Fir Design discovered cybe rcriminals exploited a zero-day flaw in an e-commerce plugin for WordPress to upload a...
In this tutorial we are going to show you how to use free SSL on your wordpress site using Cloudflare’s Free Flexible...
One of the worst feelings a website owner can experience is discovering that your site has been hacked. Without propersecurity measures in...
WordPress is a free, open source content management system (CMS) for creating websites, and is considered to be the most popular blogging system...
Last summer we shared a story about the SweetCaptcha WordPress plugin injecting ads and causing malvertising problems for websites that leveraged the plugin....
We first disclosed that the WordPress pingback method was being misused to perform massive layer 7 Distributed Denial of Service (DDoS) attacks back in...
Attackers are adding unauthorized code at the top of infected websites, over 3,500 8sites already infected. Alarms are ringing in Symantec’s offices,...
Developers at Automattic, the parent company behind the blogging platform WordPress, fixed a nasty stored cross-site scripting error this week in Akismet,...
Hackers are hiding hundreds or thousands of username/password combinations in one single XML-RPC request. WordPress sites are being abused once again and there...
After a few critical bugs were recently discovered and patched in the core WordPress engine—a rarity with WordPress-related security issues—order has apparently...
Compromised WordPress websites are delivering spyware and PUAs (potentially unwanted applications) to users via fake Flash update messages and fake browser plugins....
15-day-old campaign has spiked in past 48 hours, with >5,000 new infections daily. Attackers have hijacked thousands of websites running the WordPress...
WordPress core engine security vulnerabilities aren’t rare, but they are uncommon. Most issues affecting the integrity of sites running on the content...
Short Bytes: WordPress high CPU load bug – We faced it and I am guessing thousands of other blogs hosted on WordPress faced it too, when...
Heimdal Security researchers have observed a new ransomware campaign that utilizes the Neutrino exploit kit to deliver Teslacrypt ransomware to victims via...
Researchers have identified a relatively “common” cross-site scripting flaw (XSS) in some famous WordPress plugins — A coordinated plugin update has been released to...
The US Federal Bureau of Investigation (FBI) has warned the WordPress users and urged them to patch their plugins of the content...
Remember the time when Swedish police took down The Pirate Bay in late 2014? The online torrent files index and repository, IsoHunt announced...