The free plugin is now available on the WordPress Plugin Directory, compatible with Contact Form 7, WPForms, Ninja ...

WordPress is losing market share, and over 10% of its sites are abandoned. Astro is getting downloaded 2.5 million times per ...

Cybercriminals are increasingly relying on social engineering instead of traditional exploits, and Australian authorities are ...

ClickFix relies on tricking users into essentially hacking themselves by running commands that compromise their computers. In ...

The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that ...

More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them. A malicious actor planted the backdoor ...

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the Essential Plugin portfolio. A web developer discovered dozens of malicious ...

Malicious actor bought 31 WordPress plugins from Essential Plugin Updates injected backdoors, granting full site access Spam campaigns hidden from owners, C2 resolved via Ethereum smart contract A ...

Dozens of plug-ins for the widely used open source web blogging software WordPress are now offline after a backdoor was discovered in them, used to push malicious code to any website that relied on ...

A major WordPress supply chain attack has compromised more than 30 plugins from the EssentialPlugin suite, affecting hundreds of thousands of sites. The plugins were sold in early 2025 to a buyer who ...

More than 30 popular WordPress plugins were removed after investigators found backdoors inserted by a new owner following a business sale. The malicious code remained dormant for months before being ...

WordPress delays rollout of real-time collaboration. Matt Mullenweg cites WPE lawsuit as a background distraction slowing ...