Wordfence Research and News

Blog icon
Category: Research

BabaYaga: The WordPress Malware That Eats Other Malware

Recently, Defiant’s analysts have been tracking a particularly sophisticated malware infection responsible for generating spam links and redirection, while still remaining relatively difficult for victims to detect.

Hijacked WordPress.com Accounts Being Used To Infect Sites

Update on May 23 at 11:50AM: A representative from WordPress.com reached out to us with the following statement: There has been some misinformation making the rounds, so to clarify, there has been no security breach for user accounts at WordPress.com.

WordPress: Tracking Emerging Cryptomining Threats

This is a post written by James Yokobosky who works on the Defiant Threat Intelligence team.

Service Vulnerability: MelbourneIT Fixes NFS Permissions Problem

In February, we wrote about a vulnerability on three shared hosting services. 

Three Plugins Backdoored in Supply Chain Attack

In the last two weeks, the WordPress.org repository has closed three plugins because they contained content-injection backdoors.

Massive Cryptomining Campaign Targeting WordPress Sites

On Monday we wrote about the massive spike in brute force attacks on WordPress sites that we observed.

WordPress Plugin Banned for Crypto Mining

The WordPress plugin repository recently removed a plugin known as “Animated Weather Widget by weatherfor.us.” We dug a little deeper, and it appears that the plugin was removed for including JavaScript code that would mine cryptocurrency using the CPU resources of site visitors.

Cryptocurrency Miners Exploiting WordPress Sites

During the last month, the information security media has paid a lot of attention to cryptocurrency mining malware.

NGINX and PHP Malware Used in Petya/Nyetya Ransomware Attack

Author’s note: This is a technical blog post which I’m hoping server administrators and web hosting providers will find helpful.

Home Router Botnet Resumes Attacks

Yesterday at 7pm UTC (noon PDT) we saw the volume of brute force attacks on the WordPress sites that we protect more than double from the average for the previous 24 hours.
  • Ask Wordfence
  • General Security
  • Holiday
  • Learning
  • Long Read
  • Miscellaneous
  • Monthly Attack Activity Report
  • Podcasts
  • PSA
  • Research
  • SEO
  • Threat Research
  • Uncategorized
  • Videos
  • Vulnerabilities
  • Wordfence
  • Wordfence CLI
  • Wordfence Intelligence
  • WordPress Security

    • Breaking WordPress Security Research in your inbox as it happens.

    Example of a news story

    This site uses cookies in accordance with our Privacy Policy.