Searchenginejournal.com

WordPress Plugins Compromised At The Source – Supply Chain Attack

Typically what happens is that a plugin contains a weakness (a vulnerability) that allows an attacker to compromise individual sites that use that version of a plugin. But these compromises are ...
The Verge

WordPress parent company must stop blocking WP Engine, judge rules

Automattic and its CEO Matt Mullenweg also have to quit interfering with WP Engine’s ACF plugin. Automattic and its CEO Matt Mullenweg also have to quit interfering with WP Engine’s ACF plugin. is a ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
The Verge

WordPress.org’s latest move involves taking control of a WP Engine plugin

WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” resulting from WP Engine’s legal moves. WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” ...
Bleeping Computer

WordPress.org to require 2FA for plugin developers by October

Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on ...
Bleeping Computer

Linux Foundation unveils decentralized WordPress plugin manager

A collective of former WordPress developers and contributors backed by the Linux Foundation has launched the FAIR Package Manager, a new and independent distribution system for trusted WordPress ...
Gigwise

When WordPress Plugins Collide: How to Avoid Costly Conflicts

WordPress powers over 40% of the internet—and for good reason. It’s flexible, customizable, and accessible for businesses of all sizes. But with great flexibility comes complexity. And for corporate ...