Sucuri is a security company, focusing on protecting open source websites. OsloNAP has been utilizing Sucuri’s database for our malware daily checking. Every quarter, Sucuri releases a report about hacked situations, based on the sites they worked on.
In the Sucuri hacked report Q2/2016, in over 9000 sites, the major is still WordPress. This confirms that WordPress is still growing up, leading ahead when comparing to other open source scripts such as Joomla, Drupal or Magento. Despite that, the percent of outdated WordPress sites is the lowest, thanks to the easy-to-use feature of WordPress, while Magento is the highest.
For WordPress, one of the most attacked plugins is still Gravity Forms, a popular form script. While it is still a full-of-features script, we have already recommended our customers to use WPForms, a very simple but powerful form-script. WPForms keeps adding features too, and of course, at OsloNAP, we keep you up-to-date.
For our owned investigation, spamming is the most exploit for hacking. We provide outgoing spam filters for some shared hosting companies, and anytime we notice their sites have trouble, our spam gateways also catch thousands of spams. That is still a big issue in shared hosting environment.
If you are interested, you can download Sucuri report here. It might have some technical terms, but feel free to drop me an email with your question if you want some help.