Researchers discovered a WordPress Exploit in a plugin designed to help site owners comply with the GDPR that enables attackers to take control of admin accounts.
This past summer saw a pair of Drupal security flaws exposed and patched. Is your website secure?
X-Force observed attackers using known Drupal vulnerabilities, including Drupalgeddon, to target websites and the underlying infrastructure that hosts them, leveraging Shellbot to open backdoors.
Newly discovered phishing campaigns are targeting WordPress users with malicious emails designed to steal user credentials.
New attacks against unfinished installations of WordPress aim to give attackers admin access and the opportunity to run PHP code.
RSA, in collaboration with major security firms and GoDaddy, has identified and eliminated many of the subdomains used in the RIG exploit kit.
To protect their WordPress sites from scammers, administrators must proactively patch and monitor their installations to weed out unwanted content.
Cybercriminals have been stealing cookies and using a fraudulent WordPress API to impersonate users and take control of victims' browsing sessions.
Starting with the release of version 7.2 at the end of this year, the core of PHP will use Libsodium by default for routine cryptographical operations.
Security specialists have unearthed three PHP vulnerabilities that could have had serious consequences for organizations and consumers alike.