Latest Headlines

Latest Headlines

Hacked WordPress security plugin firm admits to storing passwords in plaintext

iThemes, a firm that sells a security plugin for WordPress, suffered a breach of its customer database, which stores passwords in plaintext, reports security blogger Graham Cluley.

Spotlight: Google leak prompts WordPress password reset

In response to the disclosure of data on 5 million Google accounts, WordPress is resetting the passwords on 100,000 of its accounts.

Attackers could 'plug in' to WordPress vulnerabilities

WordPress, the ubiquitous blogging and content management system software, has had its share of security issues. The latest involves cross-site scripting and cross-site request forgery vulnerabilities, as well as SQL injection flaws, in WordPress plugins.

Automattic acquires BruteProtect, boosts security for WordPress

WordPress has struggled in recent weeks with a spate of security issues ranging from  malware infections  to  denial-of-service vulnerabilities. It's not a big surprise then that Automattic, the open source development company behind WordPress, acquired security vendor BruteProtect last week for an undisclosed sum.

Over half of UK small businesses use WordPress

In a case of colossally bad timing, WordPress is finally getting some love from small business owners as a standalone content management system just as a series of security breaches and malware infections make the news.

Thousands of websites compromised by buggy WordPress plugin

At the heart of the problem is a recently patched security flaw in MailPoet, a plugin with over a million downloads.

Security firm warns of 'massive' malware infections impacting WordPress sites

Security firm Sucuri is warning WordPress admins that a "massive" malware infection is wreaking havoc on WordPress websites. Sites with outdated plugins or weak passwords are particularly at risk.    

PencilBlue takes aim at Drupal, WordPress

Blake Callens, CEO of the newly-released content management system  PencilBlue, makes no bones that he's  set his sights on overtaking WordPress  to become the dominant open source CMS option for content providers. Callens says it's "the first online publishing platform to meet all of the market's current needs." Can the company deliver on such a bold statement?

WordPress users: Cookies at a nearby Starbucks could be bad for you

Hackers can hijack a WordPress site through a public Wi-Fi connection because WordPress servers send the "wordpress_logged_in" cookie in plain text, instead of encrypting it.

More than 162,000 WordPress sites used to launch large DDoS attack

More than 162,000 WordPress sites were used to launch a large distributed denial of service attack against a target, according to security firm Sucuri.