Harmonic Design Launches HDAnalytics: Privacy-First, Cookieless Analytics Built Natively for WordPress

HDAnalytics is a fast, cookieless WordPress analytics plugin delivering actionable insights, full GDPR/CCPA compliance, ...
GitHub

CVE-2025-11833 - Post SMTP WordPress Plugin - Broken Access Control

Post SMTP WordPress plugin <= 3.6.0 contains an unauthorized data access vulnerability caused by missing capability check in __construct function, letting unauthenticated attackers read arbitrary ...
Mashable

More than 14,000 WordPress sites hacked, used to spread malware

A new threat actor is targeting flawed WordPress sites using a new malware spreading technique. Credit: Filip Radwanski/SOPA Images/LightRocket via Getty Images WordPress is one of the most popular ...
Dark Reading

WordPress Woes Continue Amid ClickFix Attacks, TDS Threats

WordPress sites have long been frequent targets for cybercriminals, and recent campaigns show the wave of threats has yet to ebb. In recent weeks, different organizations have flagged malicious ...
Searchenginejournal.com

2025 Core Web Vitals Challenge: WordPress Versus Everyone

The Core Web Vitals Technology Report shows the top-ranked content management systems by Core Web Vitals (CWV) for the month of June (July’s statistics aren’t out yet). The breakout star this year is ...
ZDNet

How I used ChatGPT to analyze, debug, and rewrite a broken plugin from scratch - in an hour

I am not a morning person, yet my alarm goes off at 5:30 am every day. This is because the editorial team I work with is on the East Coast, and I'm in Oregon. I do a quick check of email and Slack to ...
TechRadar

WordPress hackers are teaming up with commercial adtech firms to distribute malware to millions of users - here's how to stay safe

Push notifications are now being used as malware delivery systems, and users are unknowingly subscribing to them Fake CAPTCHA prompts are now the gateway to persistent browser hijacks and phishing ...
Searchenginejournal.com

Future-Proofing WordPress SEO: How To Optimize For AI-Driven Search Features

Search is changing. I hate saying that (again) because it feels cliche at this point. But, cliche or not, it is true and it is seismic. With the rollout of AI Overviews, Bing Copilot, and ...
SecurityWeek

Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory

Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks. Malicious hackers have been caught hiding their WordPress malware in ...
The Hacker News

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. "Creating four backdoors facilitates the attackers having multiple ...
TechRadar

Over 10,000 WordPress sites found showing fake Google browser update pages to spread malware

Ten thousand WordPress websites were being used to deliver infostealing malware to victims running both Windows and macOS devices, experts have warned. A report from cybersecurity researchers at ...