WordPress debuts a private workspace that runs in your browser via a new service, my.WordPress.net

WordPress’s new browser-based service lets users create private sites without hosting or signup, turning the platform into a personal workspace for writing, research, and AI tools.
Cyber Daily

Pressing matter: A global WordPress ClickFix malware campaign is targeting Australian websites

Rapid7 researchers spot a malicious campaign aimed at harvesting credentials and digital wallets from Windows machines.
Bleeping Computer

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...

Hackers hijack WordPress sites to spread malware using fake CAPTCHA

A ClickFix attack can come in all shapes and sizes, including through compromised WordPress websites.