Security vulnerabilities were reported for two WordPress page builders – Oxygen and Breakdance. In an unusual move the developers pushed back. This article has the details.

Patchstack is changing their service to focus more on prevention. Beginning May 1st they plan to: 1) Discontinue the Incident Response service. 2) Change the settings controls so they will be read only on the site via the plugin, and you will change them on the central Patchstack dashboard. 3) Discontinue the Site Scanning feature that checks your sites and gave hardening suggestions.

Patchstack has released a new report on the state of WordPress security. There is a lot of interest and the report is a bit different that previous ones in that it talks about some of the exploits as examples in different categories.

This tutorial has tips on how to use WP-CLI if you think your site may have been hacked.

Bricks 1.9.7 was just released. This release focuses on security enhancements. There is a minor security fix, but mostly it focuses on hardening. The announcement gives a full rundown on the changes and how to upgrade, as extra steps may be necessary.

Following on the announcement that Automattic is in negotiations to sell user content from Tumblr and WordPress com, Morten Rand-Hendriksen asks 10 pointed questions about data ownership.

For Developers – This article was published for Laravel, but the need to secure your Webhooks and the method to do so also applies to WordPress.

The 8G Firewall has been beta tested for more than a year and now is ready for use on production sites. 8G is a lightweight (only 17KB) strong firewall that provides site security and peace of mind. Plus, 8G is open source and 100% free for everyone.