THREAT ANALYSIS May 2026 · Forensic Case Study A forensic breakdown of how an attacker turned CyberPanel’s SnappyMail logging into a persistent webshell that survived every WordPress cleanup attempt. A WordPress site owner reported redirect malware on their site. They found that clicking anywhere on the page would open spam links in new tabs. They … Read more
Last week, there were 78 vulnerabilities disclosed in 62 WordPress Plugins and 2 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 59 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with … Read more
Every WordPress release celebrates an artist who has made an indelible mark on the world of music. Say Hello to WordPress 7.0 “Armstrong”, named in honor of “Satchmo” himself, jazz musician Louis Armstrong. Known as the “first great jazz soloist”, Louis Armstrong created ensembles that highlighted his own profound trumpeting skills, and in the process, … Read more
Ready to sell online? Start with the decisions you’ll live with for a long time: your site, hosting, and payments. Here’s how to get them right.
On May 8, 2026, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, discovered a critical Authentication Bypass vulnerability in Burst Statistics, a WordPress plugin with more than 200,000 active installations. The vulnerability was introduced in the code on April 23, 2026, discovered just 15 days later, and patched 19 days later, highlighting the positive impact … Read more
