SoakSoak malware hits over 100,000 WordPress websites

Do you run WordPress on your website? Are you confident that your plugins are secure?

TimThumb plugin Webshot zero-day uncovered, WordPress websites at risk

If your self-hosted WordPress website is using the TimThumb code, be warned that serious remote code execution vulnerability has been discovered that could allow malicious hackers to wreak havoc on your server.

Serious security hole found in SEO plugin used by millions of WordPress users. Update now

Do you use the popular All in One SEO Pack plugin on your WordPress website?

If so, you need to update the plugin as soon as possible to the latest version.


WooThemes hacked. Premium WordPress theme manufacturer warns of credit card leak

There’s bad news today if you are a customer of WooThemes, the popular WordPress theme manufacturer.

Read more in my article on the Hot For Security blog.

Hackers trick 162,000 unsuspecting WordPress sites into launching DDoS attack

If you’re a bad guy wanting to blast a website off the internet, the obvious method is to use a distributed denial-of-service (DDoS) attack.

But you don’t need a botnet of compromised computers to help you…

NHS websites awash with security vulnerabilities. Ensure your WordPress site is running up-to-date software

Websites run by Britain’s National Heath Service (NHS) are riddled with security vulnerabilities and could easily be exploited by online criminals, claims a newly-published investigation.

Are you doing everything you should to ensure that your website is up-to-date and not infecting its visitors?

How ethical hackers found a (small) vulnerability on my website

I asked High-Tech Bridge to test my website for security issues, as if they were malicious hackers, and this is what they found…

WordPress 3.7 released – complete with automatic security updates!

Automatic updating comes to self-hosted WordPress sites, with the hope of stamping out security vulnerabilities.

If you run a WordPress-powered website, check today which version you are running – and upgrade to “Basie”.

Bloggers using WordPress told to update their software immediately

A brand new version of the incredibly popular WordPress blogging platform has been released, and webmasters are being urged to update their systems “immediately” because it fixes a number of security issues.

Hackers post story of tactical nuclear strike against Syria on Channel 4 blog

Hackers from the Syrian Electronic Army have once again claimed a high profile scalp, compromising the blogs at British TV station Channel 4.

“Im getting paid!” – Websites hosted on WordPress hacked due to users’ poor password security

Millions of blogs hosted on WordPress.com can breathe a sigh of relief – although a hacker did manage to break into thousands of sites and publish a make-money-fast advert, it wasn’t because of any vulnerability on the WordPress.com site.

Instead, it seems users had simply been careless with their password security.

Insecure WordPress blogs unwittingly host Blackhole malware attack

A major malware campaign has been spread via spam email and compromised self-hosted WordPress blogs, attempting to infect computers using the notorious Blackhole exploit kit.

WordPress.com suffers hacker attack – how to change your password

Millions of blog owners around the world are being advised to consider their password security, after WordPress.com was hacked.

WordPress.com targeted by DDoS attack

WordPress.com, home to millions of blogs around the world, is currently being hit by an “extremely large” distributed denial-of-service (DDoS) attack.

Robert Scoble continues to have hacker problems

Read more in my article at Naked Security.

Robert Scoble fails to update WordPress, gets hacked

Read more in my article at Naked Security.