unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
Vulnerability & Patch Roundup — February 2025
文章列举了多个WordPress插件的安全漏洞及其修复方法,并建议使用Sucuri Firewall等工具来保护网站免受攻击。...
2025-3-1 01:39:15 | 阅读: 189 |
收藏
|
Sucuri Blog - blog.sucuri.net
software
elementor
security
Fake WordPress Plugin Impacts SEO by Injecting Casino Spam
攻击者通过伪装成无害的WordPress插件注入恶意软件,隐藏插件并利用混淆技术逃避检测。恶意插件从远程URL获取链接并将其注入网站footer中,用于垃圾信息传播和SEO优化。定期检查插件、更新软件和使用防火墙可帮助防范此类攻击。...
2025-2-26 21:57:1 | 阅读: 7 |
收藏
|
Sucuri Blog - blog.sucuri.net
malicious
wordpress
attackers
footer
spammy
WordPress ClickFix Malware Causes Google Warnings and Infected Computers
一种新的仿冒Google reCAPTCHA的恶意软件正在WordPress网站中传播。该恶意软件伪装成正常的人机验证提示,诱导用户执行恶意Powershell命令以感染计算机。攻击者利用区块链网络分发代码,并通过伪装成合法插件或注入主题文件的方式入侵网站。用户应避免执行未知来源的系统命令,并保持软件更新以防范此类威胁。...
2025-2-21 20:17:57 | 阅读: 18 |
收藏
|
Sucuri Blog - blog.sucuri.net
wp
malicious
wordpress
windows
attackers
When Spam Hides In Plain Sight
这篇文章描述了一个赌场垃圾信息注入WordPress网站的案例,攻击者通过隐藏在页面构建器的代码块中规避检测。作者通过检查数据库和文件未果后,最终在Fusion Builder插件的编辑器中发现了隐藏的垃圾信息。文章还强调了攻击者利用此类方法绕过安全扫描并传播恶意内容的风险,并提供了预防措施以帮助网站所有者保护其站点安全。...
2025-2-19 23:31:15 | 阅读: 9 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.sucuri.net
database
wordpress
matt
security
malicious
Hidden Backdoors Uncovered in WordPress Malware Investigation
Sucuri发现WordPress网站被恶意软件入侵,攻击者利用mu-plugins目录隐藏后门文件。恶意代码通过base64编码和AES加密执行远程命令,窃取数据并控制服务器。建议删除可疑文件、扫描网站并防止上传目录执行PHP脚本以应对威胁。...
2025-2-14 21:26:56 | 阅读: 17 |
收藏
|
Sucuri Blog - blog.sucuri.net
php
wp
attackers
malicious
mu
Magento Credit Card Stealer Disguised in an img Tag
这篇文章介绍了 MageCart 恶意软件如何通过隐藏在 `<img>` 标签中的 Base64 编码脚本窃取信用卡信息。该恶意软件在结账页面加载时触发,收集用户输入的信用卡数据并发送到远程服务器。文章强调了此类攻击的隐蔽性和复杂性,并提供了防护建议,如定期更新软件、使用防火墙和启用双重认证等。...
2025-2-12 23:17:2 | 阅读: 12 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.sucuri.net
malicious
magento
security
undetected
software
Google Tag Manager Skimmer Steals Credit Card Info From Magento Site
这篇文章讲述了Sucuri发现一起通过Google Tag Manager(GTM)传播的恶意软件攻击事件。攻击者利用GTM脚本加载恶意代码,窃取Magento电商平台的信用卡数据。Sucuri通过深入调查发现了恶意代码,并清理了感染源和后门。文章提醒网站管理员警惕可疑脚本,并建议定期检查网站安全以防止类似攻击。...
2025-2-6 22:25:25 | 阅读: 37 |
收藏
|
Sucuri Blog - blog.sucuri.net
gtm
malicious
magento
attackers
security
Vulnerability & Patch Roundup — January 2025
Vulnerability reports and responsible disclosures are essential for website security awareness and e...
2025-1-31 22:57:19 | 阅读: 407 |
收藏
|
Sucuri Blog - blog.sucuri.net
software
security
contributor
Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience
We’re excited to announce that the Sucuri Web Application Firewall (WAF) now supports HTTP/3, the l...
2025-1-28 20:39:44 | 阅读: 27 |
收藏
|
Sucuri Blog - blog.sucuri.net
visitors
security
sucuri
ensuring
kyle
Malware Redirects WordPress Traffic to Harmful Sites
Recently, a customer approached us after noticing their website was redirecting visitors to a suspi...
2025-1-24 02:1:33 | 阅读: 26 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.sucuri.net
malicious
attackers
security
php
wordpress
Backdoors: The Hidden Threat Lurking in Your Website
Website backdoors are a silent yet deadly threat to website security. These stealthy mechanisms bypa...
2025-1-17 23:1:21 | 阅读: 8 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.sucuri.net
backdoors
attackers
sucuri
threats
security
Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem
While investigating a compromised WordPress site, we discovered a malware infection causing Japa...
2025-1-15 23:14:3 | 阅读: 16 |
收藏
|
Sucuri Blog - blog.sucuri.net
sitemap
gsc
malicious
indexed
japanese
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection
Recently, we released an article where a credit card skimmer was targeting checkout pages on a M...
2025-1-9 21:34:51 | 阅读: 6 |
收藏
|
Sucuri Blog - blog.sucuri.net
wordpress
0x5ab8c6
malicious
security
Vulnerability & Patch Roundup — December 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and e...
2025-1-7 23:54:1 | 阅读: 99 |
收藏
|
Sucuri Blog - blog.sucuri.net
software
security
elementor
Vulnerability & Patch Roundup — November 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and e...
2024-12-20 23:16:11 | 阅读: 56 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.sucuri.net
software
security
elementor
Malicious Script Injection on WordPress Sites
Recently, our team discovered a JavaScript-based malware affecting WordPress sites, primarily ta...
2024-12-6 05:48:26 | 阅读: 20 |
收藏
|
Sucuri Blog - blog.sucuri.net
security
wordpress
php
publicwww
malicious
Credit Card Skimmer Malware Targeting Magento Checkout Pages
Magento websites are a frequent target for cybercriminals due to their widespread usage in eCommerc...
2024-11-27 08:21:25 | 阅读: 23 |
收藏
|
Sucuri Blog - blog.sucuri.net
magento
security
malicious
remote
ecommerce
Simple Include Statement Hides Casino Spam
Just as there are countless types of websites on the internet, there are just as many attackers see...
2024-11-15 06:35:33 | 阅读: 28 |
收藏
|
Sucuri Blog - blog.sucuri.net
wordpress
casino
malicious
doorway
bots
PHP Reinfector and Backdoor Malware Target WordPress Sites
We recently observed a surge in WordPress websites being infected by a sophisticated PHP reinfector...
2024-11-14 05:55:10 | 阅读: 20 |
收藏
|
Sucuri Blog - blog.sucuri.net
wordpress
malicious
wpcode
database
wp
Malware Steals Account Credentials
It’s common for malware to target e-commerce sites, and these attackers are usually seeking to...
2024-11-9 06:1:50 | 阅读: 14 |
收藏
|
Over Security - Cybersecurity news aggregator - blog.sucuri.net
attackers
magento
passwords
matt
malicious
Previous
3
4
5
6
7
8
9
10
Next
