Bricks Builder vulnerability exploited within 5hrs - what are the lessons learned?

The February 2024 Bricks Builder attack: Lessons learned Hi, {NAME}! Last week, Bricks Builder was hit by attacks exploting [an RCE (Remote Code Execution)]( plugin vulnerability, which Patchstack discovered and reported first. If you're a Patchstack Developer or Business user, or have [Real-Time Protection]( enabled, you've been safe since we issued a vPatch for it. However, in this newsletter, we look at what you can do now and in the future to prevent exploits like these from affecting your website.   What should I do if I use Bricks Builder? The security update for the plugin is released. Check your WordPress dashboard and update the plugin immediately. If you're a paid Patchstack user, the vPatch has been applied to your connected sites, so you can update the plugin at your convenience. If you believe your website has been compromised, check it for unauthorized access and unauthorized changes like new users. [Follow our recommendations in this guide.](   4 lessons learned With vulnerability exploits like these, we always ask ourselves: what can we do to prevent things from unfolding as they did in this situation? Our CEO, Oliver Sild, weighs in on the exploit: - The vulnerability was exploited within 5 hours of the security update being published - even though the technical details of [the issue]( were not released! Always apply security updates immediately, or make sure your site is covered by [vPatches.]( 🩹 - Bricks team took and communicated the issue seriously and promptly. They quickly fixed the issue and shared it with users. This is a sign of a trusted developer! - Vulnerabilities like these are often hidden in plugins for a very long time. Security researchers who voluntarily audit plugins should be seen and valued as equal contributors to WordPress projects. - Bricks is a lot more secure now. And, more importantly, a lot more trustworthy. Software without known vulnerabilities is not necessarily secure. But software that has previous vulnerabilities found says it's been tested to some extent.   How does Patchstack prevent incidents? Think of it as bolting the broken door until the locksmith (the plugin update) arrives. Patchstack issues [automatic vPatches](, firewall block rules that target potential exploits against this specific vulnerability, as soon as it's discovered. And as the #1 vulnerability discloser with the fastest protection and mitigation, Patchstack protects you without altering your website's code.   Stay in the know with Weekly Security Lessons We are launching a newsletter with critical WordPress security lessons and the vital news to protect your WordPress websites. Receive the weekly security updates by signing up on the link below: [Sign up]( If this email wasn't meant for you, please contact [support](. [( [( []( []( ©2024 Patchstack OÜ Aida 7, 80011 Pärnu, Estonia [Privacy policy]( ▪ [Manage no]([tifications]( ▪ [Unsubscribe](