WordPress debuts a private workspace that runs in your browser via a new service, my.WordPress.net

WordPress’s new browser-based service lets users create private sites without hosting or signup, turning the platform into a personal workspace for writing, research, and AI tools.
Bleeping Computer

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...
Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...
Journal Online

SLED warns “HereCity” SC news websites hacked

The State Law Enforcement Division (SLED) is warning that a number of news websites across the State using the “HereCity” platform have been hacked and contain a malicious JavaScript. HereCity is a ...