Important Vulnerability on Advanced Custom Fields Plugin for WordPress

IMPORTANT: Upcoming Requirement for Configuration

In one month, a change will take effect for all users utilizing generic control panel integration.

The "[integration_scripts].panel_info" option, currently optional, will become mandatory. This requirement is exclusive to generic control panel users and does not apply to those on cPanel, Plesk, or DirectAdmin.

We ask you to prepare by populating this option with the appropriate script, as detailed in our documentation: Specifying Panel Information Documentation.

We’re pleased to announce the launch of a new Imunify360 feature called MyImunify, designed to help hosting companies generate revenue from their security services and give more flexibility with their hosting plans. 

Imunify360 researchers have recently found a wave of attacks exploiting a known vulnerability in Chamilo LMS (CVE-2023-34960) to escalate and execute arbitrary commands. Chamilo is an e-learning platform, also called Learning Management Systems (LMS), widely used by Universities and NGOs with a total of ~85k installations.

In the ever-evolving landscape of cybersecurity threats, no one is truly immune from the devastating consequences of a ransomware attack. Recent headlines have highlighted the unfortunate plight of Danish hosting firms CloudNordic and AzeroCloud. Their stories are a stark reminder that even the most vigilant organizations can fall prey to cybercriminals. In this article, we'll delve into the details of this attack, the lessons we can draw from it, and the importance of robust cybersecurity solutions like Imunify360 in safeguarding against such incidents.

сPanel is one of the most popular control panels on the web with a broad community and a large number of extensions. But as always, popularity has its price: every month Imunify web security analysts detect tens of thousands of specialized automated attacks on cPanel users’ accounts. The vast majority of such attacks are simple Brute-Force, however, there is always a portion of more sophisticated attempts like SQLi and others.

In the ever-changing world of web hosting, we're always on the lookout for ways to strike a balance between solid server security and helping hosting businesses grow. This challenge has led us to find innovative solutions that make things safer and open doors to new possibilities. Today, we're excited to introduce you to something revolutionary that enhances security and brings exciting growth opportunities.

Dear customers,

We've identified a concern with Yandex bot crawling that may impact your website's visibility. Our investigation shows that, besides legitimate Yandex bots, some traffic from these IP addresses may be malicious.

While we're collaborating with Yandex's support team for a solution, here are some interim measures:

In today's digital landscape, monetizing websites through ads has become a standard practice, but it comes with security trade-offs.

Are you a website owner? Do you rely on your website to drive business, engage customers, and generate revenue? If so, you understand the critical importance of keeping your website online and accessible to visitors. In today's digital age, downtime can have a significant impact on your bottom line and reputation. To help you navigate this crucial aspect of website management, NameHero, and Imunify360 are excited to present the webinar on "Mastering Website Uptime: Ensuring Your Online Success."