Searchenginejournal.com

WordPress Plugins Compromised At The Source – Supply Chain Attack

Typically what happens is that a plugin contains a weakness (a vulnerability) that allows an attacker to compromise individual sites that use that version of a plugin. But these compromises are ...
Bleeping Computer

WordPress fixes POP chain exposing websites to RCE attacks

WordPress has released version 6.4.2 that addresses a remote code execution (RCE) vulnerability that could be chained with another flaw to allow attackers run arbitrary PHP code on the target website.
TechSpot

The ongoing feud between Wordpress and WP Engine is threatening open-source principles and ...

A hot potato: David Heinemeier Hansson was recognized as "Hacker of the Year" for developing the open-source web framework Ruby on Rails in 2004. The Danish software engineer has joined the clash ...
Bleeping Computer

Hackers abuse WordPress MU-Plugins to hide malicious code

Hackers are utilizing the WordPress mu-plugins ("Must-Use Plugins") directory to stealthily run malicious code on every page while evading detection. The technique was first observed by security ...
The Verge

The latest on the WordPress fight over trademarks and open source

In late September, Automattic CEO and WordPress cofounder Matt Mullenweg started a public dispute with the hosting provider WP Engine, calling the company “a cancer to WordPress.” He accused WP Engine ...
9to5Mac

Court forces removal of login box in WordPress vs WP Engine battle [U]

You may be aware of a bizarre feud between WordPress co-creator Matt Mullenweg and website hosting platform WP Engine. If not, you’ll find a recap below. But things took a very silly turn today when ...
Courthouse News Service

Web host accuses WordPress founder of extortion attempt of millions of dollars in trademark ...

The Northern District of California's San Francisco federal courthouse located at Phillip Burton Federal Building & United States Courthouse in San Francisco, Calif. (Natalie Hanson / Courthouse News) ...