Back

Explore every episode of the podcast Wordfence Security News

Dive into the complete episode list for Wordfence Security News. Each episode is cataloged with detailed descriptions, making it easy to find and explore specific topics. Keep track of all episodes from your favorite podcast and never miss a moment of insightful content.

Rows per page:

1–3 of 3

TitlePub. DateDuration
MW WP Form 200K Sites at Risk | Axios Hack | Cisco Breach | Wordfence Security News | March 30, 202603 Apr 202600:07:22

This week in Wordfence Security News (Week of Mar 30, 2026):Β 

  • Over 200,000 WordPress sites at risk from an unauthenticated arbitrary file move vulnerability in the MW WP Form plugin, allowing full site takeover
  • Massive spike in exploitation attempts targeting the Kali Forms RCE vulnerability, with activity increasing over 60x week-over-week
  • A major supply chain attack compromises the widely used Axios JavaScript library, distributing backdoored versions to developers worldwide Active exploitation of a critical Citrix NetScaler vulnerability enabling session hijacking and potential full appliance compromise
  • European Commission confirms a cloud breach with data theft claims by ShinyHunters
  • Cisco internal development environment breached via poisoned Trivy supply chain attack, exposing source code and credentials

Timestamps:

0:00 Introduction
0:30 MW WP Form Vulnerability
1:15 Kali Forms Exploitation Surge
1:55 Axios Supply Chain Attack
3:20 Citrix NetScaler Active Exploitation
4:57 European Commission Breach
5:50 Cisco Dev Environment Breach
6:47 Wrap up discussion

Story Links:

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter. Β 

Iran-Linked Hackers Breach FBI Director's Email | Wordfence Security News| Week of March 23, 202627 Mar 202600:06:35

This week in Wordfence Security News (Week of Mar 23, 2026):Β 

  • Same-day exploitation of a critical RCE vulnerability in the Kali Forms plugin, attackers can achieve full admin takeover with a single request
  • Ongoing mass exploitation of the s2Member plugin targeting password reset functionality
  • Breaking News: Iran-linked hackers claim breach of FBI Director Kash Patel’s personal email
  • A critical Cisco firewall management vulnerability exploited as a zero-day by ransomware actors
  • FBI and CISA warn of phishing campaigns targeting messaging app accounts

Timestamps:

0:00 Introduction
0:25 Kali Forms RCE Vulnerability
1:34 s2Member Mass Exploitation
2:20 Breaking News – FBI Email Breach
2:45 Cisco Firewall RCE Exploitation
5:03 Messaging App Phishing Campaigns

Story Links:

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter. Β 

30,000 Sites at Risk, Cisco Zero-Day & Stryker Attack | Wordfence Security News | Week of Mar 9, 202613 Mar 202600:05:43

This week in Wordfence Security News (Week of Mar 9, 2026):Β 

  • A critical auth bypass in Tutor LMS Pro exposes 30,000+ WordPress sites β€” attackers can hijack admin accounts via a Google sign-in flaw
  • An unauthenticated SQL injection in Ally (400K+ sites)
  • Microsoft Patch Tuesday with ~80 fixes including AI-related exploits
  • A max-severity Cisco SD-WAN zero-day exploited since 2023
  • Iran-linked group Handala's claimed attack on medical device maker Stryker.

Timestamps:

0:00 Introduction
0:22 Tutor LMS Pro Authentication Bypass
1:31 Ally WordPress Plugin SQL Injection
1:50 Microsoft Patch Tuesday
2:46 Cisco SD-WAN Zero-Day
4:26 Handala Attack on Stryker
5:03 Iranian Drone Strikes on AWS Data Centers

Story Links:

Stay informed and secure: get the latest WordPress security news on the Wordfence blog or subscribe to the WordPress Security Newsletter. Β 

Β© My Podcast Data