Research Archives - Page 25 of 27

The December 2016 WordPress Attack Activity Report

This week we are introducing something new. At the beginning of each month we will be doing a monthly WordPress security report.

Election Hack Report FAQ: What You Need to Know

On Friday we published an analysis of the FBI and DHS Grizzly Steppe report.

US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

Update at 1am Pacific Time, Monday morning Jan 2nd: Please note that we have published a FAQ that accompanies this report.

Who is Really Behind the Ukrainian Brute Force Attacks?

Last Friday we published a report showing a significant increase in Brute Force Attacks.

Gravatar Advisory: How to Protect Your Email Address and Identity

Update: We’ve added comments at the end of the post pointing out that the National Institute of Standards and Technology (NIST) considers an email address to be personally identifiable information or PII.

Revslider, MailPoet, GravityForms Exploits Bypass Cloudflare WAF

Update: We have received reports from a plugin vendor that there may be some confusion about whether or not the plugins referred to in this post are still vulnerable.

18X Speedup in Wordfence Scan

Wordfence 6.2.0 was released yesterday and it includes something really special: a huge improvement in scan performance.

Hacking a WordPress Botnet

While analyzing some of the attacks we see on the Wordfence Web Application Firewall, we discovered code that an attacker was trying to upload that was part of a botnet.

Top 50 Most Attacked WordPress Plugins This Week

Last week we shared the top 20 most attacked WordPress themes and an explanation of why many of them are targeted.

404 to 301 Plugin Considered Harmful

Yesterday we received a site cleaning request where one of our customers was seeing spammy links, Payday Loans in this case, injected into their WordPress website page content.

Wordfence Research and News