Website Security News

Recently, one of our customers noticed suspicious JavaScript loading across their WordPress website. Visitors were being served third-party scripts that the site owner never installed. After investigation, we discovered the infection originated from a malicious modification in the active theme’s functions.php file. This injected PHP code silently fetched external JavaScript from attacker-controlled domains and inserted it into the site’s front-end. Behind the Breach We found a suspicious script loading on the client’s website. Continue reading Malvertising Campaign Hides in Plain Sight on WordPress Websites at Sucuri Blog.

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this past month. The vulnerabilities listed below are virtually patched by the Sucuri Firewall and existing clients are protected. Continue reading Vulnerability & Patch Roundup — September 2025 at Sucuri Blog.

Attackers scan for TCP 22 and 2222 around the clock. When they find an open port, they launch credential-stuffing lists harvested from previous leaks, brute-force scripts, and even malware that hunts for hard-coded passwords in deployment repositories. Verizon’s 2025 Data Breach Investigations Report (DBIR) continues to show stolen credentials as a leading initial access vector because many organizations still rely on simple passwords for SSH and SFTP. Once an outsider lands shell access or write permission to an upload directory, web-facing code and client data follow quickly. Continue reading Enhancing File Transfer Security with SSH Key Authentication at Sucuri Blog.

Navigating to your WordPress site only to be met with the White Screen of Death (WSoD) can be a daunting experience. This error denies access to your site for both administrators and visitors, disrupting your website’s performance and user experience. Despite its prevalence, this common WordPress problem has a number of straightforward solutions. In this post, we’ll cover what the WordPress white screen error is, outline the most common reasons for this issue, and detail the steps you can take to resolve it. Continue reading Troubleshooting WordPress: How to Fix the White Screen of Death (WSoD) at Sucuri Blog.

During a recent cleanup of a compromised WordPress website, we discovered two different malicious files designed to silently manipulate administrator accounts. Attackers often inject such backdoors to maintain persistent access to a site, even if their other malware is detected and removed. These files were disguised to look like regular WordPress components, but their functionality told a different story. What did we find? We found two highly suspicious files that immediately caught our attention. Continue reading Hidden WordPress Backdoors Creating Admin Accounts at Sucuri Blog.

In an era when email remains one of the most important forms of communication for business, commerce, and personal use, ensuring that emails reach their intended recipients (and don’t end up in spam, or worse, aiding cybercrime) is more important than ever. One of the often “behind‐the‐scenes” organizations helping to defend email systems is Spamhaus. In this post, we’ll explain what Spamhaus is, how it works, why it matters, and what best practices companies should follow to stay out of blacklists and protect deliverability. Continue reading Understanding Spamhaus and Its Role in Email Security at Sucuri Blog.

Knowing which is the right CMS is key when launching a new site. Websites are no longer just online brochures; they’re where businesses sell products, protect private information, chat with customers, and build their entire online brand. A good CMS gives you flexibility, room to grow, and strong security, so you can easily manage your content and adapt as your online presence gets bigger. Picking the wrong one can cause a lot of headaches, slowing down your growth and messing with user experience. Continue reading Choosing the Best CMS for Your Needs at Sucuri Blog.

Did you just try to access your site and encounter a Deceptive Site Ahead warning? This error message occurs when the browser believes your website is unsafe and experiencing security issues — and it can seriously affect your traffic and reputation. When this warning appears on your site, you’ll want to address it as soon as possible to ensure that your site (and visitors) are protected from phishing and other social engineering attacks. Continue reading How to Fix the “Deceptive Site Ahead” Warning at Sucuri Blog.

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this past month. The vulnerabilities listed below are virtually patched by the Sucuri Firewall and existing clients are protected. Continue reading Vulnerability & Patch Roundup — August 2025 at Sucuri Blog.

Phishing is a serious threat to any industry. We have seen this topic appear in the news more each day. You might have already received a fraudulent email from what seemed to be your bank or even seen the hacking that took place during the 2016 US presidential election. But what do you know about phishing? What is Phishing? Phishing is the fraudulent attempt to obtain sensitive information like login information or other personal identification information (PII), which is any data that could potentially identify a specific individual, such as: usernames, passwords, credit card details, SSN (Social Security Number), bank account information, email, phone number, secret question answers Even partial information can increase the chances of success to subsequent social engineering attacks. Continue reading What is Phishing? at Sucuri Blog.

Due to its flexibility, ease of use, and massive plugin ecosystem, WordPress is a favorite among bloggers, developers, and businesses alike. Given its popularity, attackers do not waste time guessing where sensitive assets live. By default, on every WordPress site the front door is conveniently labeled /wp‐login.php or /wp‐admin/. On even a modest site, server logs can often reveal hundreds of failed logins coming from residential proxies and botnets that rotate addresses. Continue reading Locking Down the WordPress Login Page at Sucuri Blog.