The backlash against Google’s Federated Learning of Cohorts (FLoC) has continued, with a proposal raised in WordPress Core to block the controversial alternative identifier to third-party cookies by default.

The WordPress proposal would see the blogging system use its weight to thwart FLoC.

“WordPress powers approximately 41% of the web — and this community can help combat racism, sexism, anti-LGBTQ+ discrimination, and discrimination against those with mental illness with four lines of code,” it states.

For users that want to enable FLoC,…

WordPress announced today that they plan on treating Google’s new FLoC tracking technology as a security concern and plans to block it by default on WordPress sites.

For some time, browsers have begun to increasingly block third-party browser cookies [1, 2, 3] used by advertisers for interest-based advertising.

In response, Google introduced a new ad tracking technology called Federated Learning of Cohorts, or FLoC, that uses a web browser to anonymously place users into interest or behavioral buckets based on how they browse the web.

After Google began testing FLoC this month in…

Sometimes a theme’s description is so moving that one must install, activate, and test the project. I often rail against the obviously keyword-stuffed text in the free WordPress theme directory. But, I am pleasantly surprised from time to time.

Enō is an elegant, modern and functional WordPress theme. Probably this is the best blogging theme ever. Just see the demo at…It supports Gutenberg block editor and has a lot of Customizer options…

Thus began my journey into Enō, an upcoming theme by Ivan Fonin. I could have been partially a language-barrier thing. Or, the…

Zerodium, one of the most well-known security vulnerability brokers, announced that it is tripling payouts for remote code execution exploits on default WordPress installations. Payouts are typically $100K but have been temporarily increased to $300K.

The company focuses on acquiring original and previously unreported zero-day research. It pays researchers for high-risk vulnerabilities and fully functional exploits, with the highest rewards at $2.5M for ‘full chain, zero-click, with persistence’ Android exploits. This price tag was increased from $200K in September 2019,…

Recently, I realized my professional site hadn’t been using SSL for some time. This was an oversight on my part—one that I had to rectify. After all, people could purchase items from the site, and without SSL, those purchases couldn’t exactly…

Announced by WordPress on April 15th:

WordPress 5.7.1 is now available!

This security and maintenance release features 26 bug fixes in addition to two security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 4.7 have also been updated.

WordPress 5.7.1 is a short-cycle security and maintenance release. The next major release will be version 5.8.

You can download WordPress 5.7.1 by downloading from WordPress.org, or visit your Dashboard → Updates and click Update Now.

If you…

Unsurprisingly, as WordPress continues to  as an  platform, attackers continue to attempt to steal credit card information from unsuspecting clients. Currently, the ess plugin WooCommerce accounts for roughly a quarter of all online stores.

Over recent years, attackers whose goal it is to fradulently obtain credit card information have mostly focused on e-commerce specific platforms such as Magento, PrestaShop and OpenCart (knowing that 100% of these websites are dealing with payment information). However, given the popularity of