GitHub Launches Security Alerts for JavaScript and Ruby Projects, Python Support Coming in 2018

Last month GitHub launched its Dependency Graph feature that tracks a repository’s dependencies and sub-dependencies under the Insights tab. This week the company rolled out an expansion of the feature and will now identify known vulnerabilities and send notifications with suggested fixes from the GitHub community. Dependency graphs and security alerts are automatically enabled for public repositories, provided the repository …

7 Free Online Tools to Scan Websites for Security Vulnerabilities

In Q3 of 2016, Sucuri reported that WordPress again led all content management systems with the number of hacked websites. WordPress alone claimed ownership of 74% of all detected infections and vulnerabilities. Ugh. That’s always a huge let-down. With people already looking for reasons not to use WordPress or hearing horror stories about this very […]

Is Your Website GDPR Compliant? How to Get Ready for the General Data Protection Regulations

The General Data Protection Regulation (GDPR) is important new legislation in the area of data protection. Developed by the European Union, it’s designed to strengthen individuals’ rights regarding the collection, use and storage of their personal data. The law applies to businesses or organisations in the European Union. Those outside the EU who offer goods […]

Is WordPress Secure?

The question of whether or not WordPress is secure is complicated. While it’s obviously a secure enough platform for roughly a quarter of all websites around the world that are powered by WordPress, it’s not without its flaws. So, who is responsible for keeping WordPress secure? Of course, some of that responsibility ultimately falls on […]

GitHub Launches New Dependency Graph Feature with Security Alerts Coming Soon

GitHub announced a new Dependency Graph feature at the GitHub Universe conference yesterday. It lists all the dependencies for a repository and will soon identify known vulnerabilities. The graph can be accessed under the Insights tab and currently supports Ruby and JavaScript dependencies, with Python coming soon. Public repositories display the graph by default and private repository owners also have …

SI CAPTCHA Anti-Spam Plugin Permanently Removed from WordPress.org Due to Spam Code

The SI CAPTCHA Anti-Spam plugin has been removed from the WordPress Directory due to its author including spam code. The plugin added a CAPTCHA image test to WordPress forms to prevent spam and was compatible with forms generated by bbPress, BuddyPress, Jetpack, and WooCommerce. It had more than 300,000 active installs at the time of removal. Mike Challis, the original …

WordPress 4.8.2 Patches Eight Security Vulnerabilities

WordPress 4.8.2 is available for download and users are encouraged to update as soon as possible. This release patches eight security vulnerabilities and has six maintenance-related fixes. Hardening was also added to WordPress core to prevent plugins and themes from accidentally causing a vulnerability through $wpdb->prepare(), which can create unexpected and unsafe queries leading to potential SQL injection (SQLi). …