Responding to a jQuery ScrollTo Malware Infection
Why a compromised third-party script can infect multiple sites at once and what to audit after discovering malicious code inside jQuery.ScrollTo.
When a popular JavaScript library is compromised, the infection spreads quietly because many sites trust the same file and reuse the same deployment habits. In this case the danger was not only the script itself, but the assumption that frontend utility files were “safe enough” to ignore.
What to Do Immediately
- replace the compromised file with a clean copy from a verified source
- scan all reused libraries, not just the one where the payload was found
- rotate credentials and review who had write access to the affected server
- check deployment archives so the malware does not return with the next upload
If one shared script was altered, treat the event as a supply-path problem until proven otherwise.
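The checklist above can be turned into a repeatable audit. The following is an added example, not code from the original post: it compares every copy of a library file, on disk and inside `.zip` deployment archives, against SHA-256 digests of clean copies. The file name `jquery.scrollTo.min.js`, the directory layout and the file contents are constructed assumptions; in practice the digests come from a copy you obtained from a verified source.

```python
import hashlib, os, tempfile, zipfile

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def iter_js(root):
    """Yield (location, bytes) for every .js file under root, including
    .js members of .zip deployment archives."""
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            if name.lower().endswith(".js"):
                with open(path, "rb") as fh:
                    yield path, fh.read()
            elif zipfile.is_zipfile(path):
                with zipfile.ZipFile(path) as zf:
                    for member in zf.namelist():
                        if member.lower().endswith(".js"):
                            yield f"{path}!{member}", zf.read(member)

def audit(root, known_good):
    """known_good maps a library file name to the set of SHA-256 digests of
    clean copies. Returns the location of every copy, live or archived,
    whose digest is not in that set."""
    altered = []
    for location, data in iter_js(root):
        base = location.replace("!", "/").replace(os.sep, "/").rsplit("/", 1)[-1]
        if base in known_good and sha256(data) not in known_good[base]:
            altered.append(location)
    return sorted(altered)

def demo():
    # Constructed sample data: two sites sharing one library, plus a backup archive.
    clean = b"/* constructed stand-in for a clean library build */\n"
    tampered = clean + b"/* constructed stand-in for an appended payload */\n"
    known_good = {"jquery.scrollTo.min.js": {sha256(clean)}}  # assumed file name
    with tempfile.TemporaryDirectory() as root:
        for site, body in (("site-a", clean), ("site-b", tampered)):
            os.makedirs(os.path.join(root, site, "js"))
            with open(os.path.join(root, site, "js", "jquery.scrollTo.min.js"), "wb") as fh:
                fh.write(body)
        with zipfile.ZipFile(os.path.join(root, "deploy-backup.zip"), "w") as zf:
            zf.writestr("js/jquery.scrollTo.min.js", tampered)
        found = audit(root, known_good)
        return [os.path.relpath(p, root).replace(os.sep, "/") for p in found]

if __name__ == "__main__":
    print(demo())
```

The archived copy is reported alongside the live one, which is the case the last checklist item warns about: a cleaned site re-infected by the next upload from an old deployment package.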