Recently, Finnish security researcher Joukou Pynnonen revealed a security flaw in Yoast’s WordPress SEO plugin which allowed hackers to take over the administrator account of any CMS on which the plugin was installed. One of the most popular SEO tools on the web; Yoast’s plugin has been downloaded nearly seven million times – meaning there’s a staggering number of WordPress sites impacted by the vulnerability. Unfortunately, this story is nothing new. Read more

You could be forgiven for thinking Distributed Denial of Service attacks aren’t really anything to be taken seriously. After all, they’re basically the hacking equivalent of driving a truck into a storefront. Although they can wreak a bit of havoc, they don’t require any real technical skill, and as such they’re pretty easy to defend against, right?

Right? Read more

Last month, a Finnish IT company by the name of Klikki Oy identified a critical vulnerability in WordPress – one which has been present in the platform for approximately four years. It allows attackers to enter comments which include malicious JavaScript. Once the script in these comments is executed, the attacker could then do anything from infecting the PCs of visitors to completely hijacking the website; locking the original administrator out of their account. Read more