Wordfence Research and News

Blog icon
Category: WordPress Security

Brad Haas Discusses BabaYaga Malware on the CyberWire Podcast

In early June we published an article and accompanying white paper detailing an interesting malware infection which we’ve internally dubbed BabaYaga.

Your Site Can Help Defend Millions Of Others

As you’re probably aware, Wordfence’s Security Services Team (SST) provides world-class remediation services in the event that your site falls victim to malicious activity. 

Details of an Additional File Deletion Vulnerability – Patched in WordPress 4.9.7

Today WordPress released version 4.9.7, a security release which addresses two separate arbitrary file deletion vulnerabilities requiring Author privileges.
Wordfence Brute Force Protection

Optimizing Wordfence Security Settings: Brute Force Protection

As a part of the Wordfence Client Partner initiative, we’ve recently had some in depth conversations with organizations using Wordfence at scale.

Arbitrary File Deletion Flaw Present in WordPress Core

The security community has been abuzz this week following the disclosure of a vulnerability present in all current versions of WordPress.

Top Tools for Security Analysts in 2018

Last spring, after discussing the tools and tech used by our team, we published a list of 51 Tools for Security Analysts.

BabaYaga: The WordPress Malware That Eats Other Malware

Recently, Defiant’s analysts have been tracking a particularly sophisticated malware infection responsible for generating spam links and redirection, while still remaining relatively difficult for victims to detect.

Hijacked WordPress.com Accounts Being Used To Infect Sites

Update on May 23 at 11:50AM: A representative from WordPress.com reached out to us with the following statement: There has been some misinformation making the rounds, so to clarify, there has been no security breach for user accounts at WordPress.com.

How the Wordfence Scanner Protects Your Site

When we think about Wordfence and how it improves your WordPress security posture, there are two core features we tend to focus on: the firewall, and the security scanner.

Introducing Discounted Hacked Site Cleanings

Last month we introduced ‘high demand’ pricing for our site cleaning service.
  • Ask Wordfence
  • General Security
  • Holiday
  • Learning
  • Long Read
  • Miscellaneous
  • Monthly Attack Activity Report
  • Podcasts
  • PSA
  • Research
  • SEO
  • Threat Research
  • Uncategorized
  • Videos
  • Vulnerabilities
  • Wordfence
  • Wordfence CLI
  • Wordfence Intelligence
  • WordPress Security

    • Breaking WordPress Security Research in your inbox as it happens.

    Example of a news story

    This site uses cookies in accordance with our Privacy Policy.