Security Guard Magazine
    Thumbnail
    WordPress malware cybercrime GoDaddy

    Global WordPress Malware Campaign 'DollyWay' Infects Over 20,000 Sites

    March 20, 2025 • 1 min read

    A sophisticated malware operation dubbed 'DollyWay' has compromised more than 20,000 WordPress websites since 2016, redirecting visitors to fraudulent sites. The persistent campaign generates millions of monthly impressions through an advanced traffic direction system while expertly evading detection.

    Thumbnail
    WordPress FOSS antitrust GPL

    WordPress Access Battle Sparks Class Action Lawsuit Against Automattic

    March 02, 2025 • 1 min read

    A class action lawsuit challenges Automattic's decision to block WP Engine from accessing WordPress updates and resources, affecting thousands of websites. The case could set precedents for open-source software control and trademark enforcement while testing WordPress's commitment to remaining freely accessible.

    Thumbnail
    WordPress malware cybercrime e-commerce

    New WordPress Credit Card Skimmer Hides in Database to Steal Payment Data

    January 13, 2025 • 1 min read

    Cybersecurity researchers have discovered a sophisticated credit card skimming campaign targeting WordPress e-commerce sites by injecting malicious code into database tables. The stealthy malware evades detection while capturing payment information through fake forms and encrypted exfiltration methods.

    Thumbnail
    WordPress Bluesky GPL GitHub

    WordPress in Crisis: Co-Creator Deactivates High-Profile Community Contributors

    January 12, 2025 • 1 min read

    WordPress co-creator Matt Mullenweg has sparked controversy by deactivating several prominent community members' accounts amid governance disputes. The move follows tensions with major players like Yoast SEO creator and WP Engine, raising questions about leadership and community contribution in the popular CMS.

    Thumbnail
    WordPress Russia malware cybercrime

    Malicious PhishWP Plugin Targets WordPress E-commerce Payment Data Through Fake Checkouts

    January 07, 2025 • 1 min read

    A sophisticated WordPress plugin called PhishWP has emerged on Russian cybercrime forums, creating deceptive payment gateways to steal customer payment data through fake checkout pages. The malware includes advanced features like OTP functionality and real-time data transmission via Telegram, highlighting growing e-commerce security threats.

    Thumbnail
    WordPress malware cybersecurity PHP

    Critical Security Flaw in Popular WordPress Backup Plugin Threatens Millions of Sites

    January 06, 2025 • 1 min read

    A severe vulnerability discovered in UpdraftPlus WordPress plugin puts over 3 million websites at risk of code execution attacks. The high-severity flaw affects all versions up to 1.24.11 and requires immediate updating to the patched version.

  • 1

Free Security Guards Resource and Information Magazine