Security News

Tens of thousands WordPress sites defaced, SEO spam to follow (Help Net Security)
2017-02-08 16:24

Attackers are actively exploiting the recently patched unauthenticated privilege escalation vulnerability in WordPress’ REST API to deface websites. Sucuri, the company that discovered the flaw...

Thousands of WordPress websites defaced through patch failures (ZDNet)
2017-02-08 12:21

Attackers Capitalizing on Unpatched WordPress Sites (Threatpost)
2017-02-07 21:07

WordPress sites slow to update to the recent 4.7.2 security release run the risk of falling victim to a handful of defacement attacks spotted by Sucuri.

Many WordPress Sites Hacked via Recently Patched Flaw (SecurityWeek)
2017-02-07 13:06

WordPress Silently Fixed Privilege Escalation Vulnerability in 4.72 Update (Threatpost)
2017-02-02 19:57

WordPress silently fixed a serious content injection vulnerability when it pushed out its latest security release, 4.7.2, last week

WordPress kept users and hackers in the dark while secretly fixing critical zero-day (Help Net Security)
2017-02-02 17:09

Last week WordPress released the newest version (4.7.2) of the popular CMS, ostensibly fixing three security issues affecting versions 4.7.1 and earlier. What the WordPress team didn’t share at...

WordPress: Why we didn't tell you about a big zero-day we fixed last week (ZDNet)
2017-02-02 13:21

WordPress Delayed Disclosure of Critical Vulnerability (SecurityWeek)
2017-02-02 09:35

WordPress fixed god-mode zero day without disclosing the problem (The Register)
2017-02-02 02:20

WordPress patches dangerous XSS, SQL injection bugs (ZDNet)
2017-01-30 05:20