Wordfence Security News – Details, episodes & analysis
Podcast details
Technical and general information from the podcast's RSS feed.


Recent rankings
Latest chart positions across Apple Podcasts and Spotify rankings.
Apple Podcasts
🇺🇸 USA - techNews
04/04/2026#78
Spotify
No recent rankings available
Shared links between episodes and podcasts
Links found in episode descriptions and other podcasts that share them.
See allRSS feed quality and score
Technical evaluation of the podcast's RSS feed quality and structure.
See allScore global : 63%
Publication history
Monthly episode publishing history over the past years.
MW WP Form 200K Sites at Risk | Axios Hack | Cisco Breach | Wordfence Security News | March 30, 2026
Episode 3
vendredi 3 avril 2026 • Duration 07:22
This week in Wordfence Security News (Week of Mar 30, 2026):
- Over 200,000 WordPress sites at risk from an unauthenticated arbitrary file move vulnerability in the MW WP Form plugin, allowing full site takeover
- Massive spike in exploitation attempts targeting the Kali Forms RCE vulnerability, with activity increasing over 60x week-over-week
- A major supply chain attack compromises the widely used Axios JavaScript library, distributing backdoored versions to developers worldwide Active exploitation of a critical Citrix NetScaler vulnerability enabling session hijacking and potential full appliance compromise
- European Commission confirms a cloud breach with data theft claims by ShinyHunters
- Cisco internal development environment breached via poisoned Trivy supply chain attack, exposing source code and credentials
Timestamps:
0:00 Introduction
0:30 MW WP Form Vulnerability
1:15 Kali Forms Exploitation Surge
1:55 Axios Supply Chain Attack
3:20 Citrix NetScaler Active Exploitation
4:57 European Commission Breach
5:50 Cisco Dev Environment Breach
6:47 Wrap up discussion
Story Links:
- MW WP Form Vulnerability
- Kali Forms Exploitation Update
- Axios Supply Chain Attack (Wiz)
- Citrix NetScaler Advisory
- European Commission Breach (Bloomberg)
- Cisco / Trivy Supply Chain Attack
Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.
Iran-Linked Hackers Breach FBI Director's Email | Wordfence Security News| Week of March 23, 2026
Episode 2
vendredi 27 mars 2026 • Duration 06:35
This week in Wordfence Security News (Week of Mar 23, 2026):
- Same-day exploitation of a critical RCE vulnerability in the Kali Forms plugin, attackers can achieve full admin takeover with a single request
- Ongoing mass exploitation of the s2Member plugin targeting password reset functionality
- Breaking News: Iran-linked hackers claim breach of FBI Director Kash Patel’s personal email
- A critical Cisco firewall management vulnerability exploited as a zero-day by ransomware actors
- FBI and CISA warn of phishing campaigns targeting messaging app accounts
Timestamps:
0:00 Introduction
0:25 Kali Forms RCE Vulnerability
1:34 s2Member Mass Exploitation
2:20 Breaking News – FBI Email Breach
2:45 Cisco Firewall RCE Exploitation
5:03 Messaging App Phishing Campaigns
Story Links:
- Kali Forms RCE Vulnerability: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/kali-forms/kali-forms-249-unauthenticated-remote-code-execution-via-form-process
- s2Member Exploitation Campaign: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/s2member/s2member-260127-unauthenticated-privilege-escalation-via-account-takeover
- Cisco Firewall Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
- Interlock Ransomware Coverage: https://www.ic3.gov/PSA/2026/PSA260320
- Reuters – FBI Email Breach: https://www.reuters.com/world/us/iran-linked-hackers-claim-breach-of-fbi-directors-personal-email-doj-official-2026-03-27/
Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.
30,000 Sites at Risk, Cisco Zero-Day & Stryker Attack | Wordfence Security News | Week of Mar 9, 2026
Episode 1
vendredi 13 mars 2026 • Duration 05:43
This week in Wordfence Security News (Week of Mar 9, 2026):
- A critical auth bypass in Tutor LMS Pro exposes 30,000+ WordPress sites — attackers can hijack admin accounts via a Google sign-in flaw
- An unauthenticated SQL injection in Ally (400K+ sites)
- Microsoft Patch Tuesday with ~80 fixes including AI-related exploits
- A max-severity Cisco SD-WAN zero-day exploited since 2023
- Iran-linked group Handala's claimed attack on medical device maker Stryker.
Timestamps:
0:00 Introduction
0:22 Tutor LMS Pro Authentication Bypass
1:31 Ally WordPress Plugin SQL Injection
1:50 Microsoft Patch Tuesday
2:46 Cisco SD-WAN Zero-Day
4:26 Handala Attack on Stryker
5:03 Iranian Drone Strikes on AWS Data Centers
Story Links:
- Tutor LMS Pro Auth Bypass: https://www.wordfence.com/blog/2026/03/30000-wordpress-sites-affected-by-authentication-bypass-vulnerability-in-tutor-lms-pro-wordpress-plugin/
- Ally Plugin SQL Injection: https://www.wordfence.com/blog/2026/03/400000-wordpress-sites-affected-by-unauthenticated-sql-injection-vulnerability-in-ally-wordpress-plugin/
- Microsoft Patch Tuesday: https://msrc.microsoft.com/update-guide/
- Cisco SD-WAN Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v
- Iran Cyber Retaliation: https://industrialcyber.co/reports/cyber-retaliation-surges-after-us-israel-strikes-on-iran-as-hacktivists-hit-governments-defense-critical-sectors/
- Stryker Cyberattack (WSJ): https://www.wsj.com/articles/stryker-hit-with-suspected-iran-linked-cyberattack-52f6615c
- AWS Data Centers Struck (BBC): https://www.bbc.com/news/articles/cgk28nj0lrjo
- Weekly Vulnerability Report: https://www.wordfence.com/blog/2026/03/wordfence-intelligence-weekly-wordpress-vulnerability-report-march-2-2026-to-march-8-2026/
Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter.
