AppCheck Security Blog

50,000 Websites Hacked Through Critical WordPress Vulnerability

Over 50,000 websites have been compromised within the first three weeks following the disclosure of a critical vulnerability in the MailPoet plugin (formerly known as Wysija Newsletter) for WordPress.

read more

50,000 Websites Hacked Through Critical WordPress Vulnerability

Over 50,000 websites have been compromised within the first three weeks following the disclosure of a critical vulnerability in the MailPoet plugin (formerly known as Wysija Newsletter) for WordPress.

Read more

Apache Struts Vulnerability – Use AppCheck NG to Discover if You Are Affected

Apache Struts 2 is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller (MVC) architecture.

On April 24th the Apache Struts project released an advisory for a remote code execution vulnerability affecting all versions of Struts between 2.0.0 and 2.3.16.1. Struts 2.3.16.2 (the latest release) is not vulnerable.

Read more

AppCheck NG Updated to Discover Critical OpenSSL Bug “Heartbleed”

On 7th April 2014 a group of security researchers disclosed a critical security flaw in the popular cryptographic software library OpenSSL.
The Heartbleed Bug allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.
The AppCheck NG Web Application and Infrastructure vulnerability scanner has already been updated with a plugin to detect the flaw.

Read more