WordPress Auto-Update Server Had Flaw Allowing Persistent Backdoors in Websites

mask.of.sanity quotes a report from The Register: Up to a quarter of all websites on the internet could have been breached through a since-patched vulnerability that allowed WordPress’ core update server to be compromised. The since-shuttered remote code …

Similar

WordPress to get secure, cryptographic updates

Exciting work is being done with regards to the WordPress auto-update system that allows the WordPress team to sign each update. That signature can be verified by each WordPress installation to guarantee you're installing the actual WordPress update an...

Read more »