A popular brand of WordPress plugins was recently weaponized to download and spread malicious code. The new, potentially ...

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

A 2026 WordPress supply-chain attack allegedly turned 30+ sold plugins into a dormant backdoor operation that hid SEO spam from site owners, persisted beyond a forced update, and exposed deep ...

Cloudflare, the cloud provider that connects millions of sites to the internet, wants to “fix” another digital giant: ...

Backdoored Smart Slider 3 Pro v3.5.1.35 update distributed for 6 hours via compromised infrastructure, enabling RCE and data ...

Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version ...

Oracle Corp. named Schneider Electric SE executive Hilary Maxson as its chief financial officer to help the company navigate ...

Cloudflare has lifted the wraps off EmDash, a new open source CMS that it deems to be the "spiritual successor" to WordPress.

A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary files on the server.

Automattic has added write capabilities to WordPress.com’s MCP integration, giving AI agents like Claude and ChatGPT the ability to create posts, build pages, manage comments, and restructure content, ...

WordPress’s publishing software can now run entirely in the web browser, the organization behind the open source publishing software announced on Wednesday. Through a new service called ...