We are only human, and one of the traits of being a human is that we make mistakes. On the other hand, we are also self-correcting, meaning we tend to learn from our mistakes and hopefully are thereby able to avoid making the same ones twice. A lo...
XSS Zero-day Vulnerability in WordPress, Millions of Websites Affected
WordPress issued a critical security patch to users after millions of websites were put at risk by a bug that allows attackers to take control of a system. If your WordPress site allows users to post comments via the WordPress commenting system,...
FBI Warns WordPress Users, Regarding Pro-ISIS Hackers Script Kiddies
On Tuesday, researchers at the FBI continue to identify WordPress vulnerabilities as the door through which ISIS hackers are able to spread propaganda. The FBI said that the low-level attacks are from those seeking the notoriety of being associat...
WordPress Plugin "Google Analytics by Yoast" Patches Critical Vulnerability
Google Analytics by Yoast is a WordPress plug-in for monitoring website traffic. With approximately seven million downloads, it’s one of the most popular WordPress plug-ins. A security vulnerability in the plug-in allows an unauthenticated attac...
50000+ WordPress Sites are Compromised by MailPoet
Users of the popular WordPress plug-in MailPoet are being urged to update it, following the discovery of a vulnerability that has so far led to 50,000 websites becoming compromised. The security flaw is located in MailPoet Newsletters, previously known as wys...
WordPress New Vulnerability: Remote Code Execution through TimThumb plugin
A new vulnerability has been found in WordPress: a zero-day vulnerability in the popular TimThumb plugin for WordPress leaves many websites vulnerable to exploits that allow unauthorized attackers to execute malicious code. The vulnerability involved poor h...
Vulnerability found in the All in One SEO Pack WordPress
A vulnerability was found in the All in One SEO Pack for WordPress. All in One SEO Pack just released a new version of their popular WordPress plugin. It is a security release patching two privilege escalation vulnerabilities we discovered earlier this week th...
Free Guide for WordPress Security Checklist
WordPress is a free and open source blogging tool and a content management system (CMS) based on PHP and MySQL, which runs on a web hosting service. Features include a plug-in architecture and a template system. WordPress is used by more than 18...
2,000 Websites Compromised with iFrames Vulnerability in WordPress OptimizePress Theme
According to Sucuri, nearly 2,000 websites are compromised through an iFrame vulnerability in the WordPress OptimizePress theme. All of the contaminated websites that were reviewed and cleared were using OptimizePress, and they all had the same iFrame injected. Goog...
WordPress Plugins with Backdoor and Sending Phishing Emails
WordPress plugins had a malicious backdoor added to them via the plugin repository. That led to WordPress.org resetting all passwords as a precaution. You can read about it here: Passwords Reset. I must note that the WP.org team did an amazing job...
WordPress Plugin Leaves Sensitive Data
A security researcher is warning WordPress users that a popular plugin may leave sensitive information from their blog accessible from the public Internet with little more than a Google search. The researcher, Jason A. Donenfeld, who uses the han...
RARSTONE, TrendMicro revealed Naikon cyberespionage campaign
RARSTONE is the name of the RAT (Remote Access Tool) used in a cyber espionage campaign dubbed “Naikon” uncovered by security experts at TrendMicro. Security experts at TrendMicro revealed that they detected the RARSTONE RAT while studying targeted atta...
Malware Piggybacks on Automatic WordPress Updates
Most WordPress bloggers know the “Always keep your WordPress blog up-to-date” mantra. To make upgrades painless, WordPress developers introduced the “Automatic Update” features in version 2.7. A blog admin only needs to visit the “Update WordPress”...
What’s in your wp-head?
I first came across this attack in late May of 2012. It had quite a recognizable and frequently updated type of malicious JavaScript code injected in the section of WordPress blogs and iframe URLs generated by this script always ended with t...