Exciting work is being done with regards to the WordPress auto-update system that allows the WordPress team to sign each update. That signature can be verified by each WordPress installation to guarantee you're installing the actual WordPress update an...

One of the frustrations and time-consuming things most WordPress developers and engineers do is setting up sandboxes to test various plugins, features and themes. This new service, which is currently… (more…)

A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a... (more…)

WordPress.com launched a new website building service today with prices starting at $4,900. Automattic has been beta testing the service since the last quarter of 2020. The product announcement inv… (more…)

Use XSHM to identify WordPress websites running on internal networks and behind firewalls and also launch a login bruteforce attack on them.