Cybersecurity Starts in the Boardroom
I did not write about WordPress all of last – but that would not continue. WordPress – the worlds most popular website builder, according to WordPress – and the associated plug-ins will always be a target for hackers, looking for an easy way to hit many victims. The Ultimate Member …
Just before I write this I am going to alert our web team so they can check our clients have the WordPress patch installed and if not get it done for them… The WordPress JetPack is a useful add-on for WordPress websites that provides a range of extra functionality – …
Continue reading “WordPress JetPack and Gravity Forms vulnerable”
See here for what I have written about WordPress this week: Let’s Talk About WordPress …and if you do not think hackers go after WordPress and it’s plugins, then read this: Hackers target 1.5M WordPress sites with cookie consent plugin exploit (bleepingcomputer.com)
…which makes them a juicy target for threat actors if they can find a bug in code or plugins. That was the topic of yesterday’s article on CyberAwake: Let’s Talk About WordPress – CyberAwake This is an article about governance – not a technical article – so if you are …
It is a while since I have written about the issue of compromising code in software repositories being an attack vestor for threat actor bit it has not gone away. Malicious Microsoft VSCode extensions steal passwords, open remote shells (bleepingcomputer.com) Software and web developers everywhere will access code from these …
