At the heart of the problem is a recently patched security flaw in MailPoet, a plugin with over a million downloads.
Security firm Sucuri is warning WordPress admins that a "massive" malware infection is wreaking havoc on WordPress websites. Sites with outdated plugins or weak passwords are particularly at risk.
Blake Callens, CEO of the newly-released content management system PencilBlue, makes no bones that he's set his sights on overtaking WordPress to become the dominant open source CMS option for content providers. Callens says it's "the first online publishing platform to meet all of the market's current needs." Can the company deliver on such a bold statement?
Hackers can hijack a WordPress site through a public Wi-Fi connection because WordPress servers send the "wordpress_logged_in" cookie in plain text, instead of encrypting it.
More than 162,000 WordPress sites were used to launch a large distributed denial of service attack against a target, according to security firm Sucuri.
WordPress is working on writing and editing in place.
WordPress delivered its latest update this week.
Vulnerabilities in WordPress continue, with the latest example being the website hacking of Canadian internet services company Storm, reports Chris Larsen, a security researcher at BlueCoat.
WordPress 3.7 is here.
Automattic bought startup Cloudup last week.