WP Plugin Patch and PhaaS
A certain WordPress plugin is patched against a security flaw, and “phishing-as-a-service” is a real thing, especially against Microsoft 365 accounts.
News for January 25, 2023
More details about the LastPass breach and LearnPress plugin users need to apply the latest update to address multiple security flaws.
News for January 13, 2023
Disappearing shortcuts are the result of an over-zealous Defender, and there are a few WordPress plugins that should be updated. Read more for the latest on these issues.
News for October 21, 2022
Recent Rapid7 study shows that there are still a significant number of users with risky password habits. Google releases a tool to track software security metadata. Wordpress and Oracle have updates and patches available that should be applied as soon as possible.
News for September 14, 2022
WordPress Privilege Escalation Exploitby Artie Kaye Users of the plugin WPGateway are being actively targeted. This tool is meant to help unify multiple plugins and give better access to administrator duties. The exploit allows for the insertion of an unauthorized admin profile. Compromised accounts have been found to have a new administrator login created named […]