Many people use the Stripe payment plugin, including some of our clients – all of whom have been contacted by our support team. WordPress Stripe payment plugin bug leaks customer order details (bleepingcomputer.com) Have your web developers or cyber security support contacted you? Do you even know if this issue …
WordPress JetPack and Gravity Forms vulnerable
Just before I write this I am going to alert our web team so they can check our clients have the WordPress patch installed and if not get it done for them… The WordPress JetPack is a useful add-on for WordPress websites that provides a range of extra functionality – …
Continue reading “WordPress JetPack and Gravity Forms vulnerable”
PyPi software repository takes the most basic of security steps…
Having temporarily closed its doors last week to new business, PyPi – a python code repository – is now enforcing the most basic of cyber security precautions – 2FA! PyPI announces mandatory use of 2FA for all software publishers (bleepingcomputer.com) Your takeaway from this is that any essential business service …
Continue reading “PyPi software repository takes the most basic of security steps…”
PyPi. I wrote about code supply chain compromise last week…
…and I am writing about code supply chain compromise again this week. PyPi. PyPi is a well-respected repository of python code – I used it myself whilst at uni – but to try and get to grips with the influx of malicious code it has closed its doors to new …
Continue reading “PyPi. I wrote about code supply chain compromise last week…”
WordPress Elementor Plugin Under Attack
Earlier in the week I wrote about the issues with the WordPress plugin Elementor. Now the vulnerabilities I wrote about are being actively scanned for by threat actors: Hackers target vulnerable WordPress Elementor plugin after PoC released (bleepingcomputer.com) Have you or your web designers updated your website? (We have.) Do …