The Next Web

A WordPress plugin sold to 15,000 sites has a flaw that lets anyone create an admin account, and attackers are already using it

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create admin accounts on 15,000+ WordPress sites. Wordfence blocked 2,858 attacks in 24 hours.

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
Infosecurity Magazine

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

A critical vulnerability in the Everest Forms Pro plugin for WordPress has been actively exploited to hijack vulnerable ...

WP Engine bolts bot management onto Global Edge Security as AI crawlers surge

WordPress hosting company WP Engine Inc. today added bot management to its Global Edge Security service, giving site ...
ZDNet

How to add a work or school account to Windows 10 or 11

Roku TV vs Fire Stick Galaxy Buds 3 Pro vs Apple AirPods Pro 3 M5 MacBook Pro vs M4 MacBook Air Linux Mint vs Zorin OS 4 quick steps to make your Android phone run like new again How much RAM does ...
The Hacker News

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited ...