Wordfence

Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
A critical vulnerability (CVE-2025-4322) in Motors, a WordPress theme popular with car/motor dealerships and rental services, can be easily exploited by unauthenticated …

Compromised plugins found on WordPress.org
An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them …

Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount
Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, …

GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed
GoDaddy, the popular internet domain registrar and web hosting company, has suffered a data breach that affected over a million of their Managed WordPress customers. What …

Attackers tried to grab WordPress configuration files from over a million sites
A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab …

Nearly a million WordPress sites targeted in extensive attacks
A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this …

Attackers are exploiting vulnerable WP plugins to backdoor sites
A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the …
Featured news
Resources
Don't miss
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems
- Meta open-sources AI tool to automatically classify sensitive documents