Wordfence Research and News

Blog icon
Newest

Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC

A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign …
Read More

In-Depth Analysis of a Criminal Organization Targeting WordPress Websites

Today we are posting an in-depth analysis of a prolific brute force attacker.

XMLRPC or WP-Login: Which do Brute Force Attackers Prefer

At Wordfence we constantly analyze attack patterns to improve the protection our firewall and malware scan provides.

Huge Increase in Brute Force Attacks in December and What to Do

Update: We posted a follow-up to this post on Monday December 19th which goes into more detail about the Ukraine IP block where these attacks originate from and we discuss possible Russia involvement.
  • Ask Wordfence
  • General Security
  • Holiday
  • Learning
  • Long Read
  • Miscellaneous
  • Monthly Attack Activity Report
  • Podcasts
  • PSA
  • Research
  • SEO
  • Threat Research
  • Uncategorized
  • Videos
  • Vulnerabilities
  • Wordfence
  • Wordfence CLI
  • Wordfence Intelligence
  • WordPress Security

    • Breaking WordPress Security Research in your inbox as it happens.

    Example of a news story

    This site uses cookies in accordance with our Privacy Policy.