WordPress
New mass injection wave of WordPress websites
Websense has detected a new wave of mass-injections of a well-known rogue antivirus campaign. The majority of targets are Web sites hosted by the WordPress content management …
Large-scale spam campaign uses compromised webmail accounts and WordPress sites
A spam campaign currently under way has been spotted coming from several thousand compromised Yahoo!, AOL and Hotmail email accounts and taking advantage of compromised …
BackTrack adds RandomStorm WordPress scanner
RandomStorm’s WPScan, the free WordPress security scanner, has been added to the latest version of BackTrack. BackTrack is an open source operating system that provides …
Vulnerability in TimThumb WordPress plugins: The effects
With the popularity of the WordPress blogging platform, security researchers here at Websense Security Labs are sure to sit up and take note of any reported zero-day threats …
4,300+ compromised WordPress blogs poison Google Image Search results
Google Image Search has for a while now been littered with images that lure users to compromised sites that serve as doorway pages to other malicious sites. Part of the …
Zero-day bug found in WordPress themes
A bug in a popular WordPress utility is being misused by attackers to upload and make appear on the targeted site annoying and possibly malicious content. The bug was …
Is WordPress next in line for silent updates?
Silent software updates are still a topic of contention in the security world, but the successful implementation of the process by Google for its Chrome browser has definitely …
WordPress 3.1.4 fixes security issues
WordPress 3.1.4 is available now and is a maintenance and security update for all previous versions. This release fixes an issue that could allow a malicious Editor-level user …
WordPress users endangered by Trojanized plugins
Three popular WordPress plugins have been Trojanized by unknown individuals and made available for download, warned WordPress yesterday. “Earlier today the WordPress …
WordPress 3.1.2 security release available
WordPress 3.1.2 is now available, it’s a security release for all previous WordPress versions. This release addresses a vulnerability that allowed Contributor-level …
WordPress.com servers breached, source code presumed copied
Automattic – the web development corporation behind WordPress.com – has suffered a root break-in and a compromise of several of their servers. “We have been …
WordPress 3.1.1 fixes security issues
WordPress 3.1.1 is now available. This maintenance and security release fixes almost thirty issues in 3.1. Fixes: Some security hardening to media uploads Performance …
Featured news
Resources
Don't miss
- Google fixes actively exploited Android vulnerability (CVE-2025-48595)
- Red Hat npm packages compromised in new Mini Shai-Hulud malware wave
- Zero trust physical security needs trust decisions at the edge
- Why you need BAS and autonomous pentesting together
- This AI model backdoor attack stays hidden until you customize the model