The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
Bleeping Computer

WordPress REST API Flaw Used to Install Backdoors

Attackers have found a way to escalate the benign WordPress REST API flaw and use it to gain full access to a victim's server by installing a hidden backdoor. On January 26, the WordPress team ...
The Next Web

Authy releases a WordPress plugin enabling two-factor authentication to better protect against hacking

Authy, the Y Combinator-funded service that aims to better protect data online with two-factor authentication, has released a WordPress plugin so that publishers will feel secure about their blogs. In ...
TechCrunch

Authy Brings Two-Factor Authentication To Self-Hosted WordPress Sites (Updated)

If you run your own WordPress site, chances are you are using a pretty secure password to keep hackers from posting random stories to your blog. Still, even the best password isn’t as good as using ...