- Security Fixes and Improvements
- By Catalin Cimpanu
- July 11th, 2016
Website Takeover Issue Fixed in WordPress' Most Popular Plugin
All in One SEO Pack affected by stored XSS issue
- Security
- By Catalin Cimpanu
- July 6th, 2016
Campaign of Infected WordPress and Joomla Sites Leads to CryptXXX Ransomware
Over 100 new websites infected every day
- Security Fixes and Improvements
- By Catalin Cimpanu
- June 22nd, 2016
WordPress 4.5.3 Fixes Bug That Allowed Password Change via Stolen Cookies
WordPress team fixes 8 security issues in total
- Server related
- By Catalin Cimpanu
- June 3rd, 2016
WordPress Sites Under Attack from New Zero-Day in WP Mobile Detector Plugin
Over 10,000 sites were exposed to hacking
- Server related
- By Catalin Cimpanu
- June 2nd, 2016
The World's Biggest Companies Use Outdated WordPress and Drupal Installations
Many of these face similar Panama Papers-level data breaches
- Security Fixes and Improvements
- By Catalin Cimpanu
- May 28th, 2016
Stored XSS in Jetpack Plugin Puts over One Million WordPress Sites at Risk
Users should update to Jetpack 4.0.3 as soon as possible
- Security
- By Catalin Cimpanu
- May 26th, 2016
Hackers Prefer File Upload, XSS, and SQLi Bugs When Attacking WordPress Sites
Infocus2 is the most attacked WordPress theme
- Security
- By Catalin Cimpanu
- May 24th, 2016
Pirated WordPress Plugin Leads to Hidden Malvertising, Black Hat SEO Spam
Campaign leads back to another Indian developer
- Web Blog
- By Catalin Cimpanu
- May 21st, 2016
WordPress Prepares Plugin Directory Redesign, Still Lacks Useful Information
New design strips even more info from plugin listings
- Web resources
- By Catalin Cimpanu
- May 20th, 2016
WordPress 4.6 Will Have a Different Font for the Admin Panel
WordPress reverts back to using system fonts
- Security
- By Catalin Cimpanu
- May 19th, 2016
A Quarter of All Hacked WordPress Sites Can Be Attributed to Three Plugins
WordPress was the most targeted CMS of Q1 2016
- Security Fixes and Improvements
- By Catalin Cimpanu
- May 7th, 2016
WordPress 4.5.2 Released to Fix XSS and SOME Security Bugs
Both flaws are in third-party components
- Security
- By Catalin Cimpanu
- May 5th, 2016
New Attack on WordPress Sites Redirects Traffic to Malicious URLs
Some Joomla sites are also affected by the same issue
- Security Fixes and Improvements
- By Catalin Cimpanu
- May 3rd, 2016
Stored XSS Bug Affects All bbPress WordPress Forum Versions
Attackers can gain control of the website by stealing cookies and impersonating admins or moderators
- Security
- By Catalin Cimpanu
- May 3rd, 2016
MosQUito Exploit Stealing Legitimate Traffic from WordPress and Joomla Websites
Attackers work by replacing jQuery.min.js on hacked sites with a malicious file named jQuery.min.php
- Security Blog
- By Catalin Cimpanu
- April 20th, 2016
Exploit Kit Hiding as Social Buttons on Hacked WordPress and Joomla Sites
Clever domain names help crooks fool webmasters
- Hacking News
- By Catalin Cimpanu
- April 19th, 2016
Pro-ISIS Group Defaces 88 Websites in Three-Day Rampage
Team System Dz comes back to life with new attacks