Security News

One told to take down posts that said nice things about WP Engine Organisers of WordCamps, community-organized events for WordPress users, have been ordered to take down some social media posts...

WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. [...]

Also, new EU cyber reporting rules are live, exploiters hit the gas pedal, free PDNS for UK schools, and more in brief A critical security update for the near-ubiquitous WordPress plugin Jetpack...

The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a...

Stories of virus and malware infections, data loss, system compromises, and unauthorized access dominate headlines, and your WordPress website may be contributing to the problem. Therefore, it is...

A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions....

WordPress.org has banned WP Engine from accessing its resources and stopped delivering plugin updates to websites hosted on the platform, urging impacted users to choose other hosting providers. [...]

That escalated quickly WordPress on Wednesday escalated its conflict with WP Engine, a hosting provider, by blocking the latter's servers from accessing WordPress.org resources – and therefore...

WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The...

Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on their accounts. [...]