Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

This is a public service announcement and a reminder to site owners. Google's Chrome browser has already started the process of ending support for Symantec SSL/TLS certificates. This includes companies owned by Symantec including Thawte, Verisign, Equifax, GeoTrust and RapidSSL....read more

At Wordfence, one of our goals is to empower you as much as possible to be self-sufficient, at no additional cost. To do that, we provide Wordfence as a free security plugin. Over the years we have also developed a comprehensive WordPress Security Learning Center that provides readers with a complete understanding of WordPress Security and how to run a secure website. We have also published a number of articles explaining how to recover from a hack, should that worst-case scenario ever arise....read more

In the past 24 hours, Security researcher Scott Helme discovered that a third party accessibility plugin called 'Browsealoud' had their servers compromised. The plugin relies on a website including Javascript in their content in order to work. This compromise resulted in over 4,000 websites serving up cryptomining malware....read more

[Update at 10:50am PST: Based on the comments we've received below, it sounds like this problem only affects certain sites.  We have received several reports of successful updates, although some of these may be the hosting provider updating WordPress installs manually. Overall this looks like good news for the WordPress team who reported this as a severe bug. If you have been impacted by this, let us know in the comments.]...read more

A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign we have seen to date, peaking at over 14 million attacks per hour....read more

Today we are announcing that our company name is changing to Defiant Inc. Over the past 5 years we have grown significantly and have expanded beyond WordPress. As a security organization, we now have a stable of products and services to offer our customers. To reflect this change, we are changing the name of the company that produces Wordfence to Defiant Inc....read more

Vulnerabilities have been reported in the Formidable Forms, Duplicator and Yoast SEO WordPress plugins. The Premium version of Wordfence protects against all of these vulnerabilities, even if you have not updated your plugins yet. We do recommend that you update immediately, whether or not you are using the Premium version of Wordfence....read more

I've mentioned Troy Hunt a few times on this blog. He's one of the good guys in our industry and runs a website called haveibeenpwned.com. If you want to scare your friends and family at a get together, send them to haveibeenpwned.com and get them to type in their email address. You'll discover that we've all been hacked at some point in the past decade and your data is already out there. The site will tell you which breaches you have been affected by....read more

The WordPress plugin repository recently removed a plugin known as "Animated Weather Widget by weatherfor.us." We dug a little deeper, and it appears that the plugin was removed for including JavaScript code that would mine cryptocurrency using the CPU resources of site visitors....read more

In today's episode of Ask Wordfence, I answer a common question we receive from customers: Should I hide my WordPress login page?...read more