GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure Pierluigi Paganini June 02, 2026 Malware on approximately...
WordPress
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password Pierluigi Paganini June 01,...
Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites
Image: Justin Morgan/Unsplash A web developer discovered dozens of malicious WordPress plugins with buried backdoors that had compromised thousands of...
Smashing Security podcast #459: This clever scam nearly hijacked a tech CEO’s Apple ID
In episode 459 of Smashing Security, we dive into a chillingly clever account takeover attempt targeting WordPress co-founder Matt Mullenweg...
Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk
Image: Adobe A vulnerability in a widely used WordPress accessibility plugin could allow attackers to steal sensitive data from affected...
Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites
Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites Pierluigi Paganini March 12, 2026 An unauthenticated SQL injection...
Enterprise SSO for WordPress Portals
Modern WordPress portals in enterprise environments serve employees, partners, vendors, and customers across multiple systems. These portals often connect...
