Multi-Tiered Credit Card Skimmer Targets WooCommerce Sites: Comprehensive Security Analysis

30.10.2025 siteguarding2

A sophisticated multi-layered malware campaign has emerged targeting WordPress e-commerce sites running WooCommerce, threatening the security of over 6 million active online stores globally. First discovered in August 2025, this advanced threat demonstrates unprecedented evasion capabilities, leveraging rogue WordPress plugins with custom encryption, fake image files concealing malicious JavaScript payloads, and persistent backdoor infrastructure that enables attackers to deploy additional code remotely.

Lampion Banking Trojan Evolves with ClickFix Social Engineering: A Comprehensive Threat Analysis

30.10.2025 siteguarding2

Security researchers have uncovered a sophisticated evolution of the Lampion banking trojan campaign, marking a significant escalation in cyber threats targeting Portuguese-speaking financial institutions. This long-running operation, active since at least 2019, has undergone substantial tactical refinements, incorporating the rapidly emerging ClickFix social engineering technique that has proven devastatingly effective across the global threat landscape.

Google Urged Users to Switch to Gmail — Then a Critical Gmail Security Issue Emerged the Next Day

28.10.2025 siteguarding2

In a surprising series of events, Google recently advised users of competing email services to consider switching to Gmail due to reliability and service stability concerns. The messaging emphasized that users could avoid potential service interruptions by moving their communication and data to Gmail’s ecosystem.

8.7 Million WordPress Attacks in 48 Hours: What Your Business Must Know

27.10.2025 siteguarding2

Recent threat-intelligence data show that in just 48 hours, over 8.7 million attack attempts targeted websites built on WordPress. The scale and speed of these attacks underline the critical importance of raising your WordPress security level — especially if your organization uses WP for corporate sites, landing pages or content hubs.

Attackers Exploiting Critical WSUS Vulnerability – What It Means for Your Enterprise

27.10.2025 siteguarding2

Security teams have been alerted that a critical flaw in Microsoft’s WSUS product (used for patch management in many enterprises) is being actively exploited in the wild. This isn’t just a vulnerability to patch — it highlights broader risk in patch-management infrastructure and the need for heightened vigilance.

The New Frontier: AI meets Ransomware

25.10.2025 siteguarding2

The cybersecurity landscape has entered an inflection point. Where traditional ransomware once involved attacker-coded payloads and direct encryption demands, modern campaigns are now increasingly driven by artificial intelligence: self-learning, adaptive, tailored, and increasingly difficult to detect or defend against. According to recent research, as much as 80 % of ransomware attacks now utilise artificial intelligence.

The Cookie Monster: How Cybercriminals Are Using PHP Variables and Cookies to Hide Malware in Plain Sight

25.10.2025 siteguarding2

A sophisticated new malware campaign is targeting WordPress sites with an ingenious obfuscation technique that’s proving difficult to detect—and it’s already hit over 30,000 sites in a single month.

YouTube Ghost Network: How Cybercriminals Weaponized 3,000+ Videos to Distribute Malware

24.10.2025 siteguarding2

A sophisticated malware distribution campaign has transformed YouTube into an unexpected threat vector, leveraging over 3,000 compromised videos to deliver information-stealing malware to unsuspecting users. This operation, designated as the “YouTube Ghost Network” by Check Point Research, represents a paradigm shift in how threat actors exploit trusted platforms to achieve large-scale compromise.

The Hidden Danger in AI Browsers: How PromptFix and Screenshot Attacks Are Redefining Cybersecurity Threats

23.10.2025 siteguarding2

The rise of AI-powered browsers has introduced a new frontier in web security—one where traditional defenses fall short and attackers have found innovative ways to exploit artificial intelligence itself. Recent research has uncovered critical vulnerabilities in agentic AI browsers, particularly Perplexity’s Comet browser, revealing how malicious actors can manipulate these tools through sophisticated prompt injection techniques.

Critical Alert: Adobe Magento SessionReaper RCE Vulnerability Under Active Exploitation