WordPress Comment Activates Backdoor Via SQL Trigger

WordPress Comment Activates Backdoor Via SQL Trigger
Attackers are using SQL triggers as a backdoor to create a malicious admin user whenever a special comment is submitted to an infected WordPress website.
Read more →

ALFA TEaM v4.1 Web Shell New Features

ALFA TEaM v4.1 Web Shell New Features
A new PHP web shell by ALFA TEaM that has some interesting new features like the ability to create a cPanel phishing page that blocks the victim from a part of their website until they interact with the phishing page.
Read more →

PHP Webshell Loads From Cookie

PHP Webshell Loads From Cookie
How to load/execute malicious PHP code stored in HTTP cookie values.
Read more →

SCP-173 PHP Malware + WordPress

SCP-173 PHP Malware + WordPress
An interesting code comment, scp-173, with meme origins has been found in various PHP malware targeting WordPress websites throughout 2020.
Read more →

Plugin Killer: WordPress Malware Disables Security Plugins

Plugin Killer: WordPress Malware Disables Security Plugins
A malicious PHP file that was disabling common WordPress security plugins before injecting SEO spam onto the infected website.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.