WPML Confirms It Did Not Have a Security Breach

When WPML emailed new passwords to customers in plaintext, some customers thought it was due to a security breach. Amit Kvint, compatibility team leader for WPML, confirmed the emails are not a result of a security breach. In a post on the official WPML blog, Kvint says the emails were (more…)

phpBB .com Compromised Featured Image, which hosts the popular open source forum software phpBB, has been compromised. On Dec. 14th, members of the development team discovered several web servers that power the website were compromised and immediately suspended operations. Users are not at risk as the phpBB software is not affected. According to an (more…)

Clear Text Password

The CEO of iThemes, Cory Miller, published a second update concerning the security breach that occurred on Tuesday. After news of the breach, customers were left wondering whether or not their passwords were stored in clear-text. The latest update confirms that passwords were in fact stored in clear-text and affected (more…)

iThemes Suffers Security Breach, Customers Urged To Reset Passwords

iThemes published details on a security breach that took place earlier today. According to the announcement, after noticing suspicious activity, they noticed a signification attack on their membership database. iThemes urges all customers to reset their passwords immediately. To protect accounts from any unauthorized access, iThemes has temporarily reset all (more…)

One of the security tips you’ll come across often is immediately deleting the admin user after installation and creating a new user, then assigning that user the administrator role. This is something I wish the core team would address so that during the installation of WordPress, users would be able (more…)

Earlier today on Twitter, WordPress community member Travis Ballard @Ansimation published a link to a plugin that will have people thinking twice before they sign up to a WordPress based website. Ironically, it’s called WPEvil and saves passwords into plain text instead of hashes. One thing I’ve learned over the (more…)