Website publishers using the popular free and open source WordPress content management system (CMS) woke up this morning to find that their sites had been upgraded to version 4.2.2. Users who’s sites somehow missed being automatically upgraded are urged to update immediately, as this update addresses several important security issues. According to Wordfence, maintainers of […]
Continue reading WordPress Upgraded to Fix Security Holes
Anyone who runs sites using the WordPress platform and the plugin Simple Ads Manager will want to read this and learn from our mistake. Even those not using this particular plugin, but who have deactivated plugins not being used but still residing on their servers might find this useful. Luckily, in our case no harm […]
Continue reading WordPress Plugin ‘Simple Ads Manager’ Exploit
It’s not a good day for Drupal users, with the security folks at the CMS platform telling all users to consider themselves compromised if they didn’t install a security patch within seven hours of its release on October 15th.
Fixing the infected sites will require a bit of work. Sites will need to be taken […]
Continue reading Drupal Hack & WordPress Users
The sharing feature of the Jetpack plugin for WordPress is currently being exploited for the purpose of sending spam and possibly for DDOS attacks. FOSS Force became aware of this after we began looking into emails being sent to us by our server’s security system, notifying us of massive amounts of email being sent from […]
Continue reading WordPress Jetpack Sharing Plugin Exploited by Spammers
At about 1 p.m. this afternoon the security company behind the WordFence plugin for WordPress issued a security advisory via email informing users of their plugin that WordPress sites are currently under a brute force attack.
“As of 11am eastern time this morning we are monitoring the largest distributed brute force attack on WordPress installations […]
Continue reading Brute Force Attacks on WordPress Sites Underway