Security News

WordPress Launches Public Bug Bounty Program (SecurityWeek)
2017-05-17 08:18

Session Hijacking, Cookie-Stealing WordPress Malware Spotted (Threatpost)
2017-05-10 20:03

Researchers spotted a strain of cookie stealing malware, injected into a legitimate JavaScript file, masquerading as a WordPress core domain.

WordPress admins, take note: RCE and password reset vulnerabilities revealed (Help Net Security)
2017-05-04 18:59

Independent security researcher Dawid Golunski has released a proof-of-concept exploit code for an unauthenticated remote code execution vulnerability in WordPress 4.6 (CVE-2016-10033), and...

Unpatched WordPress Password Reset Vulnerability Lingers (Threatpost)
2017-05-04 16:46

A zero day vulnerability exists in WordPress Core that in some instances, could allow an attacker to reset a user's password and in turn, gain access to their account.

Unpatched Wordpress Flaw Could Allow Hackers To Reset Admin Password (The Hackers News)
2017-05-04 11:11

WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset targeted users’ password under certain circumstances. The...

Unpatched WordPress Password Reset Flaw Disclosed (SecurityWeek)
2017-05-04 09:03

WordPress Attacks Powered by Router Botnet Drop Rapidly (SecurityWeek)
2017-05-03 10:18

Thousands of Hacked Routers Used for WordPress Attacks (SecurityWeek)
2017-04-12 16:32

Is Your Router Helping Criminals Attack WordPress Sites? (Forbes)
2017-04-12 12:48

Sathurbot Botnet Targets WordPress Accounts (SecurityWeek)
2017-04-07 19:18