Important Vulnerability on Advanced Custom Fields Plugin for WordPress

This enhancement allows our customers to view the exact differences (in unified format diff) between infected and cleaned files.

What This Means for You

We're excited to announce a significant enhancement to Imunify360's capabilities - management of ignore lists based on file hashes. This feature is designed to streamline security management across large server deployments.

For large organizations looking to maintain consistency and avoid the hassle of managing different ignore lists across their server fleet, this centralized solution is the perfect fit.

Dear Valued Customers,

We want to inform you about a critical security issue affecting the widely-used Polyfill JavaScript library and to update you on the measures Imunify360 has taken to protect you.

As database infections become an increasingly popular attack vector, ensuring their protection is more critical than ever. We are thrilled to announce the latest update to our Malware Database Scanner (MDS). Our enhanced MDS now features a more user-friendly interface and improved functionality, making it easier and more efficient to detect and eliminate threats in your databases.

These changes will be included in the following packages: aibolit-32.1.11 and av-7.14.0.

cPanel is the most secure hosting panel on the market, but without proper safety measures and settings, it can be vulnerable to attacks. The article goes over the following important questions:

Cronjob is a time-based job scheduler in Unix-like operating systems, including Linux, that allows users to schedule and automate repetitive tasks. The name "cron" comes from the Greek word "chronos," which means time.

Infection of cron files is a serious threat to any Linux system that uses task automation. Hackers can use these files to regularly launch malicious programs and scripts.

Infection description

On Sep 15, we detected a malicious campaign. It was evident that the attackers we discovered were using phishing techniques to trick users into downloading a malicious binary file. They used a fake message on websites stating that a user has been blocked by Cloudflare. Meanwhile, infected websites getting the message would not necessarily even use Cloudflare services.

What if we told you that ~15% of infection sources are database infections? If you have ever tried to clean up malicious injections (usually, thousands of them) from the database table, you know how much time and pain it would take. There's a lack of professional solutions to detect and clean up malware in the database automatically. We want to save your time and provide you with another top-notch solution to detect threats in the databases (in addition to our trailblazing Imunify file scanner). We call the solution “Malware Database Scanner” (MDS).