WordPress to finally secure it’s auto-updater with cryptographic signatures

Exciting work is being done with regards to the WordPress auto-update system that allows the WordPress team to sign each update. That signature can be verified by each WordPress installation to guarantee you’re installing the actual WordPress update an…

Similar

WordPress 4.7.2 post mortem

A few weeks ago, WordPress released version 4.7.2 to address several security vulnerabilities, including one critical one. This vulnerability allowed a remote, unauthorised attack to update web pages via the REST API. Since then, hundreds of thousands of ... (more…)

Read more »