A popular brand of WordPress plugins was recently weaponized to download and spread malicious code. The new, potentially ...

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

A 2026 WordPress supply-chain attack allegedly turned 30+ sold plugins into a dormant backdoor operation that hid SEO spam from site owners, persisted beyond a forced update, and exposed deep ...

Cloudflare, the cloud provider that connects millions of sites to the internet, wants to “fix” another digital giant: ...

Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version ...

WordPress delayed the release of the highly anticipated version 7.0 of the CMS because the real-time collaboration (RTC) ...

Cloudflare has lifted the wraps off EmDash, a new open source CMS that it deems to be the "spiritual successor" to WordPress.

A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary files on the server.

Automattic has added write capabilities to WordPress.com’s MCP integration, giving AI agents like Claude and ChatGPT the ability to create posts, build pages, manage comments, and restructure content, ...

Web hosting platform WordPress.com is embracing AI agents, a decision that could change the look and feel of the web. The company announced Friday that it will now allow AI agents to draft, edit, and ...