DuckDuckGo Now Says It Will Block Microsoft Trackers

DuckDuckGo responds to recent criticism saying the third-party tracking scripts it blocks will now include scripts from Microsoft.
WordPress Proposal To Improve Security & Performance of Plugins

WordPress proposal takes aim at improving security and performance of third party plugins
HubSpot WordPress Plugin Vulnerability

HubSpot WordPress Plugin, used by over 200,000 publishers, patched a Server Side Request Forgery vulnerability
Vulnerability Found in WordPress Anti-Malware Firewall

Reflected XSS vulnerability was patched in Anti-Malware Security and Brute-Force Firewall WordPress Plugin
WordPress Elementor Plugin Remote Code Execution Vulnerability

A Remote Code Execution Vulnerability discovered in the Elementor Website Builder plugin that can lead to full site takeover
ACF WordPress Plugin Vulnerability Affects Up To +2 Million Sites

Advanced Custom Fields plugin patched a Missing Authorization vulnerability that allows an attacker to view database information
WordPress Stored XSS Vulnerability – Update Now

Stored XSS Vulnerability discovered in WordPress can lead to full site takeover by hackers
Google Acquires Cybersecurity Firm Mandiant

In a sign of the critical importance of cybersecurity for all businesses, Google Cloud announces acquisition of cybersecurity firm Mandiant
Advisories To Increase Website Security After Russian Attack

Fight back against increased cyber attacks with these free tools and resources
5 HTTP Security Headers You Need To Know For SEO

Are security headers a part of your SEO audits? Here’s why they should be, alongside the top security headers you need to know.
WordPress Backup Plugin Vulnerability Impacted 3+ Million Installations

UpdraftPlus WordPress Plugin vulnerability potentially compromised over 3 million installations
Critical Vulnerability Strikes Magento Open Source and Adobe Commerce

Critical Arbitrary Code Execution Vulnerability rated 9.8 on a scale of 1 – 10 is actively being exploited by hackers
WordPress Vulnerability in Essential Addons for Elementor

1+ Million WordPress sites affected by vulnerabilities that could lead to remote code execution attacks
All In One SEO Vulnerability Affects +3 Million Sites

All In One SEO Plugin patched SQL Injection vulnerability that could expose privileged database information
cPanel Plugin Contains Log4j Vulnerability

cPanel plugin contains the critically vulnerable log4j library affected by what is being called a catastrophic vulnerability
Catastrophic Log4j Security Fail Threatens Enterprise Systems & Web Apps Worldwide

The vulnerability, listed as CVE-2021-44228 in Apache Log4j Security Vulnerabilities, enables remote attackers to take control of an affected system.
WordPress Template Plugin Vulnerability Hits +1 Million Sites

WordPress plugin by the makers of Astra Theme patched an XSS vulnerability that can lead to total site takeover and attacks on site visitors
WordPress Plugin OptinMonster Vulnerability Affects +1 Million Sites

WordPress Plugin OptinMonster Vulnerability exposes publishers to full site takeover and threat of malicious downloads
WordPress Facebook Feed Plugin Vulnerability Exposes 200,000+ Websites

Smash Balloon Social Post Feed WordPress plugin vulnerability exposes over 200,000 websites to Stored XSS vulnerability
WordPress Ninja Forms Vulnerability Exposes Over a Million Sites

WordPress Ninja Forms vulnerability can lead to a full site take over and phishing scams
WordPress Gutenberg Template Library Plugin Vulnerability Affects +1 Million Sites

Two vulnerabilities in the Gutenberg Template Library & Redux Framework plugin have been discovered to be vulnerable. Over 1 million sites are affected
WordPress SEOPress Plugin Vulnerability

WordPress security company discloses an XSS Vulnerability affects SEOPress that could lead to a full site takeover
WooCommerce Vulnerability Affects Millions of WordPress Sites

WooCommerce announced a patch for a critical vulnerability that is rolling out as a forced update. Publishers urged to check if updated
WordPress 5.7.2 Patches a Critical Vulnerability

WordPress released an update to patch an Object Injection Vulnerability rated by the National Vulnerability Database as critical.
WordPress Autoptimize Plugin Vulnerability Affects +1 Million Sites

Website Optimization Plugin Autoptimize contains a Stored XSS vulnerability. A patch has been released to fix the problem.
WordPress Ultimate Addons for Elementor Vulnerability Affects +1 Million

Two Brainstorm Force addon plugins for Elementor were discovered to have vulnerabilities affecting over a million websites.
Facebook for WordPress Plugin Vulnerability Targets +500,000 Sites

Two exploits affecting the popular Facebook for WordPress plugin can lead to a total site takeover and malicious backdoors
WordPress Elementor Vulnerability Affects +7 Million

Stored Cross-site Scripting Vulnerability on WordPress page builder plugin Elementor can enable a full site takeover
WP Super Cache Vulnerability Affects Over 2 Million Sites

Authenticated Remote Code Execution Vulnerability Discovered in WP Super Cache. Although low severity it’s recommended all users update now.
The Plus Addons for Elementor Critical Vulnerability

Zero Day total site takeover exploit discovered in popular WordPress plugin for Elementor page builder