WordPress core version 5.2.3 was released on September 4. This was a security release patching eight key vulnerabilities in WordPress core, most of which were cross site scripting vulnerabilities. In this episode of Think Like a Hacker, we walk through… Continue Reading →

This week, we chat about the plan for WordPress 5.3 and some of the new features we will see added to WordPress in November, including many improvements to the editor. We will also see a switch from robots.txt files to… Continue Reading →

 Bill Rice is the CEO of Kaleidico, a digital agency in Michigan. We chatted at WordCamp Minneapolis about WordPress and the community, and his work creating websites that convert. Bill spoke at WordCamp Minneapolis about trends in WordPress website… Continue Reading →

 As of WordCamp Boston 2019, Sandy Edwards has organized 26 KidsCamps across the US. We talk about what kids do at a WordPress KidsCamp, the success these kids have had publishing with WordPress, and how Sandy teaches basic internet… Continue Reading →

A recent discussion among WordPress core developers about removing support for code signing in core caught our attention. Code signing support was included with the WordPress 5.2 release. The discussion centers around removing code signing and implementing SSL verification and… Continue Reading →

 Topher DeRosia is the Developer Evangelist for BigCommerce and a frequent WordCamp speaker. He’s worked with WordPress for a long time and is the man behind HeroPress, telling the stories of people whose lives have been transformed by WordPress…. Continue Reading →

The Wall Street Journal reported on Monday, August 12, 2019 that Verizon is selling social media and blogging platform Tumblr to Automattic for an undisclosed sum, though rumors state that it may be as low as $3 million dollars. After… Continue Reading →

 In this episode, Mark chats with Vito Peleg, the founder of WP Feedback, a plugin that helps WordPress-focused agencies streamline approval and support for their customers. Vito talks about the glass ceiling in agencies where managing people and projects… Continue Reading →

This week, we talk about our corporate trip to DEF CON, the WordPress security team’s proposal to backport security fixes to fewer releases, a new feature proposal called WP Notify that has a number of very positive implications for WordPress… Continue Reading →

 Jem Turner was one of the security researchers that found malicious code in Pipdig’s P3 plugin. Both Jem and Wordfence’s Mikey Veenstra found the P3 plugin to contain a number of suspicious or malicious features, including a remote “killswitch,”… Continue Reading →

This week we talk about the Capital One breach affecting over 100 million customers and some important takeaway lessons from that case. We also look at news with the the Equifax settlement, a spearphishing campaign targeting ProtonMail users, the conclusion… Continue Reading →

 David Jardin is the Security Strike Team Lead for Joomla, an open-source content management system powering more than 2.5 million websites. At WordCamp Europe, Mark and David sat down and talked about the workflow for Joomla security reports and… Continue Reading →

This week, we cover WordPress vulnerabilities targeted by a malvertising campaign and an important iOS security update. We also look at Equifax’s $700 million settlement and a recent uptick of new breaches added to Have I Been Pwned. Along with… Continue Reading →

 At WordCamp Europe, Mark chats with Chris Teitzel, CEO and founder of Lockr. Lockr is a key management system for websites using CMSs like WordPress and Drupal. Chris talks about the challenges of securing sensitive information and how Lockr… Continue Reading →

A security researcher found vulnerabilities in the Mac client for Zoom, a popular video conferencing application. After 90 days and two weeks, the vulnerability still exists. Mitigating the vulnerability entails typing the following commands in terminal, replacing [pid]  with the… Continue Reading →