WordPress
Large-scale spam campaign uses compromised webmail accounts and WordPress sites
A spam campaign currently under way has been spotted coming from several thousand compromised Yahoo!, AOL and Hotmail email accounts and taking advantage of compromised …
BackTrack adds RandomStorm WordPress scanner
RandomStorm’s WPScan, the free WordPress security scanner, has been added to the latest version of BackTrack. BackTrack is an open source operating system that provides …
Vulnerability in TimThumb WordPress plugins: The effects
With the popularity of the WordPress blogging platform, security researchers here at Websense Security Labs are sure to sit up and take note of any reported zero-day threats …
4,300+ compromised WordPress blogs poison Google Image Search results
Google Image Search has for a while now been littered with images that lure users to compromised sites that serve as doorway pages to other malicious sites. Part of the …
Zero-day bug found in WordPress themes
A bug in a popular WordPress utility is being misused by attackers to upload and make appear on the targeted site annoying and possibly malicious content. The bug was …
Is WordPress next in line for silent updates?
Silent software updates are still a topic of contention in the security world, but the successful implementation of the process by Google for its Chrome browser has definitely …
WordPress 3.1.4 fixes security issues
WordPress 3.1.4 is available now and is a maintenance and security update for all previous versions. This release fixes an issue that could allow a malicious Editor-level user …
WordPress users endangered by Trojanized plugins
Three popular WordPress plugins have been Trojanized by unknown individuals and made available for download, warned WordPress yesterday. “Earlier today the WordPress …
WordPress 3.1.2 security release available
WordPress 3.1.2 is now available, it’s a security release for all previous WordPress versions. This release addresses a vulnerability that allowed Contributor-level …
WordPress.com servers breached, source code presumed copied
Automattic – the web development corporation behind WordPress.com – has suffered a root break-in and a compromise of several of their servers. “We have been …
WordPress 3.1.1 fixes security issues
WordPress 3.1.1 is now available. This maintenance and security release fixes almost thirty issues in 3.1. Fixes: Some security hardening to media uploads Performance …
WordPress.com target of extensive DDoS attack
WordPress.com has been targeted by an extensive DDoS attack, and the millions of blogs it hosts have been temporarily unavailable or have been experiencing occasional …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems