Pierluigi Paganini
February 02, 2017
A new dangerous Zero-day Content Injection vulnerability has been discovered in the WordPress CMS, it affects the WordPress REST API. A new dangerous vulnerability has been discovered in the WordPress CMS, it is a zero-day content injection flaw in the WordPress REST API. The vulnerability discovered by a security researcher at firm Sucuri could be […]
Pierluigi Paganini
December 20, 2016
Security experts from Wordfence observed a huge increase in Brute Force attacks in the last three weeks. The security firm Wordfence is warning the WordPress community of a spike in the number of brute force attacks against websites running WordPress. has increased significantly in December compared to the previous period. The researchers observed brute force attacks […]
Pierluigi Paganini
December 16, 2016
Security firm RIPS Technologies has analyzed 44,705 in the official WordPress plugins directory and discovered that more than 8,800 of them are flawed. Experts from the security company RIPS Technologies have conducted an interesting analysis of WordPress plugins. The researchers have analyzed 44,705 of the roughly 48,000 plugins available in the official WordPress plugins. “To do […]
Pierluigi Paganini
November 23, 2016
Black Friday and Cyber Monday are upon us, Checkmarx published a report analyzing the security of some of the top WordPress plugins. The Black Friday and the Cyber Monday are upon us and security experts from Checkmarx are questioning the security of some of the top WordPress e-commerce plugins that are currently used in more […]
Pierluigi Paganini
July 10, 2016
Threat actors in the wild are behind the Realstatistics campaign are leveraging on out-of-date CMSs to deliver the CryptXXX ransomware. Security experts from Sucuri security firm have spotted a new ransomware-based campaign dubbed ‘Realstatistics’ conducted by threat actors in the past two weeks. “Our Incident Response Team (IRT) has been tracking a mass infection campaign over the […]
Pierluigi Paganini
June 03, 2016
More than 10,000 WordPress installations being exploited in the wild due to a vulnerability in the  WP Mobile Detector plugin. Security experts at Sucuri reported that a growing number of WordPress installations have been compromised by hackers exploiting a security flaw in a widely used plugin called WP Mobile Detector. The worrisome news is that […]
Pierluigi Paganini
April 19, 2016
IBM Security has warned the WordPress community about a spike in the number of attacks leveraging a specific variant of the PHP C99 Webshell. Security experts at IBM reported a spike in the number of cyber attacks pushing a variant of the popular C99 webshell in February and March, a 45 percent increase compared to the previous period. […]
Pierluigi Paganini
April 11, 2016
WordPress announces “HTTPS Everywhere, Encryption for All WordPress.com Sites,” millions websites will be secured without users’ effort. WordPress is pushing free default SSL for all the website running the popular CMS and hosted on WordPress.com, that means over 26% of websites based on the most popular CMSs on the web will be secured (Statistics by W3techs). […]
Pierluigi Paganini
February 22, 2016
Operators running websites based on the WordPress and Joomla must be aware of a spike in the number of compromised platforms used in Admedia attacks. Not only WordPress CMS, threat actors behind the “Admedia attacks” are now looking with increasing interest to Joomla. This is the discovery made by the experts at the Internet Storm […]
Pierluigi Paganini
February 19, 2016
In a recent investigation case, security researchers at Sucuri revealed that 26,000 different WordPress sites were exploited to launch Layer 7 distributed denial of service (DDoS) attacks. In a recent investigation case, security researchers at Sucuri revealed that 26,000 different WordPress sites were generating a sustained rate of 10,000 to 11,000 HTTPS requests per second […]
