The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that ...

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the ...

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...

More than 30 popular WordPress plugins were removed after investigators found backdoors inserted by a new owner following a business sale. The malicious code remained dormant for months before being ...

WordPress delayed the release of the highly anticipated version 7.0 of the CMS because the real-time collaboration (RTC) feature was not yet stable. The delay has caused some to question whether the ...

We show you step-by-step how to make a small business website to help you connect with customers and increase credibility.

More than 30 WordPress plugins tied to the developer Essential Plugin were taken offline after a hidden backdoor was found in code distributed to live websites, exposing site owners to unauthorised ...

In March 2026, Trivy, one of the most widely used open-source vulnerability scanners in the Kubernetes ecosystem, was weaponized against the very organizations that relied on it for security.

Cloudflare created an open-source CMS it calls a "spiritual successor to WordPress" — but WordPress is having none of it. Cloudflare has unveiled EmDash, a new open-source content management system ...

Dozens of WordPress plugins were allegedly hijacked to push malware after they were sold to a new corporate owner.