Case Study: The Script That Outlived Its App
A Shopify Plus store redirected shoppers to scam pages even though scanners reported it clean. The cause was an orphaned app script loading cloaked malware.
Read Details
A Shopify Plus store redirected shoppers to scam pages even though scanners reported it clean. The cause was an orphaned app script loading cloaked malware.
Read Details
A boutique advisory client's two WordPress sites were compromised through administrator access left over from the freelancer who built them: rogue admin accounts, gambling spam, and a file-manager backdoor. A full forensic remediation evicted the operator and cleaned and hardened both sites.
Read Details
An aged-care provider's WordPress site kept reinfecting after prior cleanups, with gambling spam and Search Console hijacks returning. The cause was database malware, two backdoors, and a stolen admin credential.
Read Details
How WordPress sites actually get hacked, what malware does once it's in, what cleanup means, and how to tell whether the advice you're getting is sound. Written for owners who run their own site and for owners working with a developer or agency.
Read Details
WordPress malware cleanup pricing in 2026, broken down by real-world scenarios. What straightforward cleanups cost, what serious compromises cost, and what changes the number.
Read Details