WordPress.org now supports various options for Two Factor Authentication for account access. This seems long overdue and it is good to see it being implemented.
Sarah Gooding @ wptavern.com• 5 days ago
Ram Gall @ wordfence.com• 2 weeks ago
Recently there have been headlines that malware scanners are worthless. WordFence published an article describing how they see malware scanners as part of a layered approach to security and they also discussed their new command line scanning option.
Josh Escobedo @ liquidweb.com• 4 weeks ago
Just like your WordPress site, if you are using a VPS then it is necessary to lock it down and keep it updated.
Chloe Chamberland @ wordfence.com• 1 month ago
WordFence has launched a new free service where you can setup web hooks for vulnerability notifications.
Aalvin Alkan @ wpbuilds.com• 2 months ago
Here is the first in a mini-series from WP Builds on the state of WordPress security. The first interview is with Calvin Alkan. Much of the episode covers ground that we’ve already posted about in the group, but there is some new info.
Milana Cap @ developer.wordpress.org• 2 months ago
For developers: this is an in-depth overview about WordPress nonces and a tutorial on how to use them.
Chloe Chamberland @ wordfence.com• 2 months ago
This is a mid-year report from the WordFence team about security threats they have tracked so far. The article is kind of interesting also because they used AI prompts against their own vulnerability database to help generate the answers.