Two WordPress vulnerability posts in a day – WPGateway zero-day vulnerability

WordPress website claim makes it a BYOD risk

Earlier today I wrote about the FishPig/Magento supply chain attack, now I have come across another WordPress cyber security problem. A popular WordPress plugin is being actively exploited. PSA: Zero-Day Vulnerability in WPGateway Actively Exploited in the Wild (wordfence.com) The Wordfence Threat Intelligence team have warned that WordPress sites running …

Do you use FishPig ecommerce software? You don’t know. Then check now because it may have been compromised.

This is a classic supply chain attack. UK based FishPig, seller of Magento WordPress integrations, ecommerce software has discovered that its distribution server had been compromised, which allowed threat actors backdoor access to the customer’s systems. The ecommerce software is believed to be used by more than 200,000 websites. Breach …

How secure is your WordPress website and blog? Do you even know if your organisation’s website is built on WordPress?

WordPress website claim makes it a BYOD risk

There has been a flurry of WordPress security and vulnerability articles over the past week or so. It is no surprise that the world’s most popular website builder is a target for threat actors, especially as Automatic’s core code can be added to with third-party, open-source or even self-written plugins, …