Searchenginejournal.com

WordPress Plugins Compromised At The Source – Supply Chain Attack

Typically what happens is that a plugin contains a weakness (a vulnerability) that allows an attacker to compromise individual sites that use that version of a plugin. But these compromises are ...
The Times of Israel

Top WordPress Plugins for Jewish Webpages

I bet you’re running your organization’s webpage on WordPress. I’m guessing this because 25% of the web is run on WordPress, including this very website. WordPress is a free content management system ...
Bleeping Computer

Hunk Companion WordPress plugin exploited to install vulnerable plugins

Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. By installing ...
Gigwise

When WordPress Plugins Collide: How to Avoid Costly Conflicts

WordPress powers over 40% of the internet—and for good reason. It’s flexible, customizable, and accessible for businesses of all sizes. But with great flexibility comes complexity. And for corporate ...
The Verge

WordPress.org’s latest move involves taking control of a WP Engine plugin

WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” resulting from WP Engine’s legal moves. WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” ...
Bleeping Computer

WordPress.org to require 2FA for plugin developers by October

Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on ...