ZDNet

Large-scale attack tries to steal configuration files from WordPress sites

Hackers have launched a massive campaign against WordPress websites over the past weekend, attacking old vulnerabilities in unpatched plugins to download configuration files from WordPress sites. The ...
CMS Wire

WordPress 2.6 Hits the Street One Month Early

The battle of the open source CMS continues. Well some might not consider it a battle, but there is a definite push to stay at the top by the leaders of the pack. WordPress is no slouch where that is ...
Bleeping Computer

Hackers tried to steal database logins from 1.3M WordPress sites

A large scale attack targeted hundreds of thousands of WordPress websites over the course of 24 hours, attempting to harvest database credentials by stealing config files after abusing known XSS ...
TechRadar

Patch this WordPress plugin bug, thousands of site owners warned

The Wordfence Threat Intelligence team has discovered two separate vulnerabilities in a popular WordPress plugin used to change how download pages are displayed. The plugin in question is called ...