WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
The Next Web

A WordPress plugin sold to 15,000 sites has a flaw that lets anyone create an admin account, and attackers are already using it

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create admin accounts on 15,000+ WordPress sites. Wordfence blocked 2,858 attacks in 24 hours.
The Caledonian-Record

WP Engine Enhances Global Edge Security With Bot Management to Control AI-Driven Website Traffic

WP Engine, a global web enablement company providing premium products and solutions for websites built on WordPress® 1, today ...
Memeburn

12 Best AI Website Builders in 2026: Which Ones Win?

The best AI website builders promise fast site creation, but which actually deliver? We tested 12 platforms in 2026 for SEO, ...
The Citizen

9 ways South Africans can earn money online and how much they pay

The online economy is opening doors for young people ‒ but success depends on using credible platforms and building the right ...
Techlomedia

Nearly 2,000 WordPress Websites Infected by Malware Using Steam Profiles

A new malware campaign has compromised nearly 2,000 WordPress websites by using Steam Community profile comments to hide ...
note

The Story of Building an Affiliate Site with GitHub Pages—Why I Didn't Use WordPress and What I Learned

When you think about building an affiliate site, I think WordPress is the first thing that comes to mind. Installing a theme, adding plugins, signing up for a rental server—that "standard workflow" ...
The Hacker News

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious ...

WordPress malware campaign hides payloads in Steam profiles

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...