- Security
- By Catalin Cimpanu
- February 2nd, 2016
Compromised WordPress Sites Hijacked Over and Over Again to Push Malware
Attacker is using an unknown backdoor to reinfect websites
- Advisories
- By Catalin Cimpanu
- January 23rd, 2016
Web Reconnaissance Attack Infects 3,500 Websites, Possibly WordPress
Attackers are adding unauthorized code at the top of infected websites, over 3,500 sites already infected
- Security Blog
- By Catalin Cimpanu
- January 6th, 2016
WordPress 4.4.1 Security Release Fixes XSS Bug
New WP release also adds support for the latest emojis
- Web Blog
- By Catalin Cimpanu
- December 11th, 2015
PHP7 Loses to HHVM in Latest Benchmarks Despite Launching Stable Version
Latest PHP 7 version not as fast as initially thought
- Data Breaches
- By Catalin Cimpanu
- December 10th, 2015
WordPress Hosting Service WP Engine Announces Data Breach Update
Company resets passwords for all clients, just to be safe
- Web resources
- By Catalin Cimpanu
- December 9th, 2015
WordPress 4.4 Comes with Full Support for Responsive Images, New Default Theme
WordPress now also includes a powerful REST API interface
- Web resources
- By Catalin Cimpanu
- November 24th, 2015
Differences Between the New WordPress Dashboard and the Old WP Admin Panel
A comparison between the new and the old WP admin panel
- Web resources
- By Catalin Cimpanu
- November 24th, 2015
Automattic Redesigns WordPress Dashboard, Prepares to Dump PHP for JavaScript
New dashboard is already active on WordPress.com
- Security Fixes and Improvements
- By Catalin Cimpanu
- November 18th, 2015
XSS Vulnerability Fixed in the WordPress WooCommerce Plugin
Hard to exploit, but a bountiful bug for hackers
- Security
- By Catalin Cimpanu
- November 13th, 2015
2015: WordPress Sites Saw a 250 Percent Rise in Attacks
Healthcare sector was also hit hard by hackers
- Web Blog
- By Catalin Cimpanu
- November 12th, 2015
One in Five Lines of Code Is Written in Java
One in two CMS installations is WordPress
- Security
- By Catalin Cimpanu
- November 12th, 2015
Cryptographically Secure Passwords Coming to WordPress, Laravel, and Symfony, but Not Joomla
Popular PHP projects will get a boost in cryptography
- Web Blog
- By Catalin Cimpanu
- November 9th, 2015
A Quarter of the Internet Runs on WordPress
WordPress also has a 58% market share among CMSs
- Spam Reports
- By Catalin Cimpanu
- November 3rd, 2015
Spam Botnet Leverages Vulnerable WordPress Sites
Botnet infects machines via Linux binaries and PHP scripts
- Security
- By Catalin Cimpanu
- October 17th, 2015
XSS Bug Fixed in Akismet Anti-Spam WordPress Plugin
Automattic also sets up a protection system for older plugin versions, where the admin forget to upgrade it
- Security
- By Catalin Cimpanu
- October 9th, 2015
WordPress XML-RPC Service Used to Amplify Brute-Force Attacks
Hackers are hiding hundreds or thousands of username/password combinations in one single XML-RPC request
- Security Fixes and Improvements
- By Catalin Cimpanu
- October 2nd, 2015
Stored XSS in Jetpack Plugin Allows Attackers to Run Code in the WordPress Backend
XSS bug affected Jetpack's custom contact form module