Finding PHP and WordPress Backdoors Using Antivirus and Indicator of Compromise

From time to time we do forensic investigations of WordPress breakins. When we do the investigation there is often one or more backdoors placed in the filesystem or modified legit WordPress-related files in wp-includes, themes or plugins. This is not only… Read more

Similar

WordPress to get digitally signed updates (Ed25519)

Exciting work is being done with regards to the WordPress auto-update system that allows the WordPress team to sign each update. That signature can be verified by each WordPress installation to guarantee you're installing the actual WordPress update an...

Read more »