Searchenginejournal.com

WordPress Developer Publishes Code To Block Mullenweg’s Web Hosting Clients

A prolific WordPress plugin publisher who has created over three dozen free plugins has released code that other plugin and theme publishers can use to block client’s of Matt Mullenweg’s WordPress.com ...
Bleeping Computer

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. Known as Backup Migration, ...
Dark Reading

'Etherhiding' Blockchain Technique Masks Malicious Code in WordPress Sites

A threat actor has been abusing proprietary blockchain technology to hide malicious code in a campaign that uses fake browser updates to spread various malware, including the infostealers RedLine, ...
Bleeping Computer

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware

Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. The flaw leveraged in the ...
Security Boulevard

CVE-2026-1357: WordPress Plugin RCE Exposes Sites to Full Takeover

CVE-2026-1357 exposes a critical WordPress WPvivid plugin flaw, allowing unauthenticated RCE, enabling attackers to upload PHP files and fully compromise sites. The post CVE-2026-1357: WordPress ...