Important Vulnerability on Advanced Custom Fields Plugin for WordPress

We're reaching out to inform you about an upcoming disruption to our payment services due to essential system maintenance.

On April 1st, Google will implement a new pricing model that will significantly reduce the free tier usage of reCAPTCHA and introduce new prices for the reCAPTCHA Enterprise service. Although reCAPTCHA offers decent bot protection, it is not without its flaws, yet remains quite effective. However, we at Imunify360 have decided to discontinue its use within our protection suite. This decision stems not solely from the new costs associated with its use, but more importantly, because we have developed our own bot protection technology, SplashScreen, which our recent research has shown to be as effective as Google’s reCAPTCHA.

UPD: WebShield 1.25.0 was first released to Beta on March 26 with included updates DEF-27382 PoC for the Get rid of reCaptcha epic/DEF-27508 Test&merge get rid of reCaptcha to master.
Starting from WebShield the 1.25.0 release, the Imunify360 JS challenge is used for the requests from the IPs that were graylisted.

Attention WordPress enthusiasts! The much-anticipated WordCamp Phoenix 2024 is just around the corner, and it’s shaping up to be an event you won’t want to miss. Scheduled for February 9-10 at Phoenix College in Arizona, this event promises to be a melting pot of ideas, innovations, and insights in the world of WordPress.

In the ever-evolving world of web hosting and digital services, ensuring robust server security is paramount. WebJIVE, a prominent web hosting provider with a 20-year track record of excellence, recently overcame significant security challenges and elevated its server security game with Imunify360.

Duplika, an 18-year-old dedicated hosting provider, faced a critical challenge: escalating cyber threats compromising client trust. IP blocks, outdated security measures, and compromised sites threatened their reputation until Imunify360 entered the fray.

At Imunify, we’re committed to empowering businesses with cutting-edge security solutions. Discover how Snel.com, renowned for being "Your Friendly Hosting Provider" from the Netherlands, revolutionized their server management services with Imunify360.

We’re pleased to announce the support of Debian 12 (Plesk, DirectAdmin, and generic panels, see stand-alone integration) by Imunify products with one important note: Imunify360-firewall required legacy iptables support. To turn it on execute the following commands:

Imunify360 researchers have identified a growing number of malicious redirects on Joomla CMS.

In this post, discover how Imunify360 is leading the charge against a sophisticated cyber threat targeting Joomla CMS. This post delves into the rise of malicious redirects caused by a deceptive fake-plugin, capable of injecting harmful scripts into websites. Learn about the insidious mechanism of this threat, which targets unsuspecting visitors with phishing and malware, and how Imunify360's advanced security measures, including its proactive scanner and comprehensive defense system, offer robust protection against such evolving cyber dangers. Protect your Joomla site with Imunify360's integrated antivirus, firewall, and WAF, ensuring the safety and integrity of your online presence.

One of the easiest ways to attack a web site is to gain entry through a content management system, such as WordPress. To do this, hackers try to force a login to a site’s WordPress installation using frequently used passwords. These sorts of attacks are known as brute-force attacks. Additionally, read our website hosting security and WordPress Security article and learn how to keep your website secure.