WordPress
New WordPress update a must for users
A new stable version of the popular free open source blogging tool WordPress is available for download, and users are advised to do get a move on and install it, as it’s …
New mass injection wave of WordPress websites
Websense has detected a new wave of mass-injections of a well-known rogue antivirus campaign. The majority of targets are Web sites hosted by the WordPress content management …
Large-scale spam campaign uses compromised webmail accounts and WordPress sites
A spam campaign currently under way has been spotted coming from several thousand compromised Yahoo!, AOL and Hotmail email accounts and taking advantage of compromised …
BackTrack adds RandomStorm WordPress scanner
RandomStorm’s WPScan, the free WordPress security scanner, has been added to the latest version of BackTrack. BackTrack is an open source operating system that provides …
Vulnerability in TimThumb WordPress plugins: The effects
With the popularity of the WordPress blogging platform, security researchers here at Websense Security Labs are sure to sit up and take note of any reported zero-day threats …
4,300+ compromised WordPress blogs poison Google Image Search results
Google Image Search has for a while now been littered with images that lure users to compromised sites that serve as doorway pages to other malicious sites. Part of the …
Zero-day bug found in WordPress themes
A bug in a popular WordPress utility is being misused by attackers to upload and make appear on the targeted site annoying and possibly malicious content. The bug was …
Is WordPress next in line for silent updates?
Silent software updates are still a topic of contention in the security world, but the successful implementation of the process by Google for its Chrome browser has definitely …
WordPress 3.1.4 fixes security issues
WordPress 3.1.4 is available now and is a maintenance and security update for all previous versions. This release fixes an issue that could allow a malicious Editor-level user …
WordPress users endangered by Trojanized plugins
Three popular WordPress plugins have been Trojanized by unknown individuals and made available for download, warned WordPress yesterday. “Earlier today the WordPress …
WordPress 3.1.2 security release available
WordPress 3.1.2 is now available, it’s a security release for all previous WordPress versions. This release addresses a vulnerability that allowed Contributor-level …
WordPress.com servers breached, source code presumed copied
Automattic – the web development corporation behind WordPress.com – has suffered a root break-in and a compromise of several of their servers. “We have been …
Featured news
Resources
Don't miss
- Fake OAuth client IDs are helping attackers slip past sign-in logs
- Security threat prompts Progress to disable ShareFile accounts, tell customers to shut down servers
- Why SBOMs, signing, and provenance still don’t tell you if software is safe
- Cynative: Open-source deep research agent
- Microsoft demystifies how Windows updates work