Wordfence is adding features to their command line interface. Now in addition to malware scanning, they are starting to add automatic remediation.

WordFence launches a bug bounty program to reward researchers within the program’s parameters. This competes with Patchstack which already has a program. Unfortunately, the WordFence CEO takes a swipe at Patchstack … I prefer when WordPress companies seek to cooperate.

The WordFence open source command line scanner now scans for malware and vulnerabilities. It is written in Python and requires power user or sysadmin skills to setup, but is a good resource. This article in the Tavern has links to the documentation and code.

Recently there have been headlines that malware scanners are worthless. WordFence published an article describing how they see malware scanners as part of a layered approach to security and they also discussed their new command line scanning option.

WordFence has launched a new free service where you can setup web hooks for vulnerability notifications.

This is a mid-year report from the WordFence team about security threats they have tracked so far. The article is kind of interesting also because they used AI prompts against their own vulnerability database to help generate the answers.

WooCommerce Payments vulnerability being exploited. This post includes some interesting information about the build up of the attack.