Patchstack reports on a WordPress security cleanup last month of plugins in the directory with vulnerabilities.

This podcast interview with Miriam Schwab and Oliver Sild might be of interest to developers interested in the free Patchstack managed Vulnerability Disclosure Program. They discuss how the program works and how it is of benefit to theme and plugin developers.

The well respected WordPress security company, Patchstack, received $5M in funding from Emilia Capital. Also, Joost de Valk, co-founder of Yoast will be joining their board.

Patchstack announces a free Vulnerability Disclosure Platform for WordPress developers to help them manage disclosures. This will help developers comply with the upcoming EU Cyber Resilience Act.

Patchstack has started a Patchstack academy resource hub for learning about ethical hacking and security you code.

Patchstack is changing their service to focus more on prevention. Beginning May 1st they plan to: 1) Discontinue the Incident Response service. 2) Change the settings controls so they will be read only on the site via the plugin, and you will change them on the central Patchstack dashboard. 3) Discontinue the Site Scanning feature that checks your sites and gave hardening suggestions.

Patchstack has released a new report on the state of WordPress security. There is a lot of interest and the report is a bit different that previous ones in that it talks about some of the exploits as examples in different categories.

Patchstack created a page summarizing WordPress vulnerability statistics.