WordPress plugin with 900k installs vulnerable to critical RCE flaw

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files ...

WordPress’ new AI assistant will let users edit their sites with prompts

The opt-in AI assistant can generate images, edit and translate text, and reorganize WordPress sites.
Searchenginejournal.com

Google’s Crawl Team Filed Bugs Against WordPress Plugins

Google's crawl team filed a bug directly with WooCommerce regarding add-to-cart URL parameters that were doubling the site URL, and the fix shipped quickly. Two other plugins with open crawl issues ...
The Hacker News

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.