Showing episodes and shows of Patchstack Weekly

Shows

The B2B Growth Hacking Playbook
Defending 70% of the WordPress Web: 2025 Patchstack Cybersecurity Breakdown w/ Oliver Sild (#18)
WordPress runs over 40% of the web—but that also makes it the biggest target for hackers. Oliver Sild, founder of Patchstack, shares the hard truths about WordPress security, why websites get hacked faster than you think, and how threat intelligence and virtual patching are changing the game. We dig into real-world examples of vulnerabilities hiding inside plugins, why over 30% of them stay unpatched, and why waiting for plugin updates can leave you exposed for weeks—or worse. You’ll hear how even "safe" websites get compromised through human error, poor cyber hygiene, and sophisticated phishing scams. Oliv...
2025-04-29, 50 min

WP Tavern
#142 – Miriam Schwab and Oliver Sild on Security Collaboration Between Elementor and Patchstack
Transcript
[00:00:00] Nathan Wrigley: Welcome to the Jukebox podcast from WP Tavern. My name is Nathan Wrigley. Jukebox is a podcast, which is dedicated to all things WordPress. The people, the events, the plugins, the blocks, the themes, and in this case, the recent security collaboration between Elementor, and Patchstack. If you’d like to subscribe to the podcast, you can do that by searching for WP Tavern in your podcast player of choice, or by going to wptavern.com/feed/podcast. And you can copy that URL into most podcast players. If you ha...
2024-10-23, 00 min

Algorütm
22.08 Algorütm: The role of the research software developer in academia
Our guest was Uku Raudvere, a research software developer at the Tartu Institute of Computer Science, with whom we talked about the role of a research software developer. What developers actually do alongside research teams, and what challenges research software developers face, is what we talk about this time. We also put out a call to design a new Algorütm brand and shared a discount code for the Digit conference coming in October.
-----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak and Tiit Paananen.
Algorütm is supported by Patchstack https://patchstack.com, Nortal https://nortal.com/, Veriff...
2024-08-22, 53 min

Algorütm
15.08 Algorütm: How is the genetic data of 20% of Estonians stored?
Our guest is Kristjan Metsalu, head of IT at the University of Tartu Institute of Genomics, with whom we talked about how genetic data is stored and what challenges the gene bank project puts on his desk as head of IT. We also talked about the technological side, development and future of the MinuGeenivaramu portal.
-----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak and Martin Kapp.
Algorütm is supported by: Patchstack https://patchstack.com, Nortal https://nortal.com/, Veriff https://www.veriff.com/
2024-08-15, 55 min

Algorütm
08.08 Algorütm: How the phone in your pocket is made to ring in an emergency
We talk about the field of emergency alerts, which is being developed rapidly in Estonia. Our guests are Kadi Luht-Kallas, adviser at the Ministry of the Interior and emergency alert project manager, and Antti Turmann, radio communications expert at the State Infocommunication Foundation (RIKS) and head of the EE-ALARM service, who take us behind the scenes of this usually hidden world. We hear both about the risks that have to be considered when sending an emergency alert and about the technologies that make it possible.
-----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak and Martin Kapp.
Algorütm is supported by...
2024-08-08, 1h 03

Algorütm
01.08 Algorütm: Let's start building home data storage
Do you have a small network-attached storage device, or NAS, purring away somewhere at home? This time we talked about where Priit and Martin keep their data, and our guest was Siim Vene, infrastructure and platform services architect at SMIT, who had built a somewhat different solution for his own home.
If you have been thinking about bringing your own data home from the cloud, be sure to listen to what you need to take into account.
-----
Share in our Discord channel how you store your data: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak and Martin Kapp.
Algorütm is supported by Patchstack https://patchstack.com, Norta...
2024-08-01, 1h 04

Algorütm
25.07 Algorütm: The Python development landscape in 2024
We talked about the tools every Python developer should know. Our guest was Hannes Rõõs, senior data scientist at Nortal, who shared his experience and thoughts on the technologies Priit found through ChatGPT.
-----
Know more? Share it with others in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak and Martin Kapp.
Algorütm is supported by Patchstack https://patchstack.com, Nortal https://nortal.com/, Veriff https://www.veriff.com/
2024-07-25, 45 min

Algorütm
18.07 Algorütm: Large language models, to use or not to use
Our guest was once again Kristjan Korjus, visiting Algorütm for the fourth time. This time he talked about guiding questions that help decide whether applying large language models is justified and appropriate.
-----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak and Tiit Paananen.
Algorütm is supported by Patchstack https://patchstack.com, Nortal https://nortal.com/, Veriff https://www.veriff.com/
2024-07-18, 1h 08

Algorütm
11.07 Algorütm: The Estonian state's new CTO [Madis Tapupere]
Our guest was Madis Tapupere, with whom we talked about running Estonia's digital state, its problems and possible solutions.
-----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak and Tiit Paananen.
Algorütm is supported by Patchstack https://patchstack.com, Nortal https://nortal.com/, Veriff https://www.veriff.com/
2024-07-11, 1h 00

Algorütm
04.07 Algorütm: How to make logs really work for you [Erik Ehrbach]
Have you ever wondered what good logs look like, or how to steer the writing of quality logs across several development teams? We talked about exactly these topics and more with Erik Ehrbach, lead developer at LHV, who opened up this world a little.
----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak.
Algorütm is supported by Patchstack https://patchstack.com, Nortal https://nortal.com/, Veriff https://www.veriff.com/
2024-07-04, 1h 05

Algorütm
27.06 Algorütm: What is GRC and how kordon.app helps you deal with it
This time we were back on the startup wave and talked with Martin Ojala, co-founder of the GRC platform Kordon. Topics included both asset management and the security mafia.
-----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak and Tiit Paananen.
Algorütm is supported by Patchstack https://patchstack.com, Nortal https://nortal.com/, Veriff https://www.veriff.com/
2024-06-27, 55 min

Algorütm
13.06 Algorütm: Customers are far more dangerous than a Chinese hacker [Tarko Tikan]
We invited Tarko Tikan back, and this time he talked about protecting Telia's networks. It turns out that users can be much more dangerous there than malicious hackers. Quite a few stories were told and several lessons shared.
-----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxcc
The episode is hosted by Priit Liivak, Martin Kapp and Tiit Paananen.
Algorütm is supported by Patchstack https://patchstack.com, Nortal https://nortal.com/, Veriff https://www.veriff.com/
2024-06-13, 1h 11

Algorütm
06.06 Algorütm: Jaan Altosaar on saunas, information asymmetry and the impact of AI on systems
A simply epic episode on the border of technology and philosophy, with the legendary Jaan Altosaar as our guest. We talked about the complexity of both applying and embracing AI, about saunas, and about information asymmetry.
See also the video version of the episode: https://youtu.be/beIbLYNvb4Y
Jaan's CV and contacts: https://jaan.io/li-cv.pdf
New York incomes: https://onefact.github.io/american-community-survey/new-york-area/income-by-race
New York real estate: https://onefact.github.io/new-york-real-estate/
On the Google experience: https://archive.ph/2s7aJ
-----
Share the thought from the episode that mattered most to you in our Discord channel: https://discord.gg/8X5JTkDxc...
2024-06-06, 57 min

Algorütm
29.02 Algorütm: Is your WordPress installation actually full of holes too
This time our guest was Patchstack founder Oliver Sild, with whom we talked about the security of WordPress installations, common problems, and the solutions Patchstack uses to make WordPress installations more secure at scale. I recommend that listeners who cannot stand Estonglish approach this episode with caution and an open mind.
The episode is hosted by Priit Liivak and Tiit Paananen.
Algorütm is supported by Pipedrive, Nortal and Veriff.
2024-02-29, 1h 12

Radio Blogpocket
WP A DAY #9 - WordPress 6.4, Data analysis for optimizing WordPress websites, The risk of pre-made WordPress themes
Hello and welcome to WP A DAY! Here you will find the latest news and updates from the world of WordPress. Today is October 8, 2023.
Get ready to discover the most relevant news from the WordPress community in this week's episode. Let's begin! Beta 2 of WordPress 6.4 is now available for testing. It is recommended not to install it on production or critical websites. You can test it in four different ways: via a plugin, by downloading beta 2, via the command line, or in a local environment. The goal is to release the...
2023-10-08, 02 min

WOA! (WordPress On Air !)
WOA#26. The future of SEO
Welcome, everyone, to season 4 of the WOA podcast 🎧. After a well-deserved break 🏖️, we are back to explore the fascinating world of WordPress 🖥️. This season promises to be rich in discoveries 🌟, tips 📝 and enriching discussions 🗣️.
On the agenda 📋
Gutenberg keyboard shortcuts ⌨️: Optimize your workflow with handy keyboard shortcuts.
Performant Translations 🌍: Boost the loading speed of translations on your WordPress site ⚡.
New WordPress 6.4 theme 🎨: Discover WordPress's new look for 2024.
Patchstack 🔒: Secure your WordPress site with this innovative solution.
Buyouts 💼: The latest acquisitions in the WordPress world.
Inq...
2023-09-08, 33 min

WPBriefs
Patchstack Reports 404 Vulnerabilities, Contract Disputes, and WordPress Updates
Patchstack reports 404 vulnerabilities in WordPress plugins, Learn WordPress releases new content, and a cautionary tale on hiring without a contract.
2023-09-04, 02 min

El podcast de Blogpocket
WP A DAY #4 - WP A DAY #4: Jamie Marsland has recreated the TechCrunch website with blocks
Hello and welcome to another edition of WP A DAY! This podcast brings you the latest news about WordPress, the leading platform for building websites. It is September 3, 2023, and we will keep you up to date with the most notable news and the most recent updates. Patchstack has informed the WordPress Plugin Review Team about 404 plugins with undisclosed, unpatched vulnerabilities hosted on WordPress.org. Many of the authors of these plugins have not provided contact information or do not respond to communication attempts, which has led...
2023-09-03, 02 min

Radio Blogpocket
WP A DAY #4: Jamie Marsland has recreated the TechCrunch website with blocks
Hello and welcome to another edition of WP A DAY! This podcast brings you the latest news about WordPress, the leading platform for building websites. It is September 3, 2023, and we will keep you up to date with the most notable news and the most recent updates. Patchstack has informed the WordPress Plugin Review Team about 404 plugins with undisclosed, unpatched vulnerabilities hosted on WordPress.org. Many of the authors of these plugins have not provided contact information or do not respond to communication...
2023-09-03, 02 min

Patchstack Weekly
Patchstack Weekly - Ending On a High Note
This is the final episode of the Patchstack Weekly podcast. All things come to an end - so it's only fitting to dedicate the last episode to software end-of-life, and how developers and website owners should handle sunsetting their projects. We also want to thank our host, Robert, for sharing lessons on WordPress security (and beyond) over these past 68 episodes!
2023-05-08, 07 min

Patchstack Weekly
Patchstack Weekly - Securing Open-Source Forks
Forking is a fundamental part of open-source software - it offers anyone the opportunity to lead an existing project in a new direction. But forking also means that the owners of the new fork are taking over the responsibility for the security of their new project.
2023-04-24, 05 min

Siegfried, deploy!
How to Secure Your Website from Hackers? (WordPress Security)
Is WordPress secure? We get asked this question over and over again. The answer: WordPress websites are just as secure or insecure as any other website. Because most of the time, mistakes in the absolute basics are the reason for a website being hacked.
In this podcast episode, Steffen and Dominik discuss what the weak points of a WordPress website are and how you can protect yourself against a hack.
Highlights
00:00 Intro
00:20 Is WordPress secure?
02:52 Risk: Plugins and themes
08:14 Growing interest in WP security
09:54 Risk: Passwords
12:03 Plugin whitelist
12:43...
2023-04-13, 31 min

Patchstack Weekly
Patchstack Weekly - Preventing Insecure Inclusion Bugs
This week's knowledge share is about a rare but serious security bug that can be found in any PHP application. Luckily it is easy to avoid, and WordPress has a built-in function that developers can utilize to help secure against it. In vulnerability news we'll cover three vulnerabilities, including one PHP Object Injection bug in the popular Advanced Custom Fields plugin.
2023-04-10, 05 min

Patchstack Weekly
Patchstack Weekly - The One Serious Vulnerability That Open-Source Will Never Have
Closed-source software has one vulnerability open-source software will never face - source code leaks. This episode is all about embracing people who review open-source software, and consequently make it safer. We'll also cover the recent Elementor Pro vulnerability that is, unfortunately, being actively exploited by attackers.
2023-04-03, 05 min

Patchstack Weekly
Patchstack Weekly - Understanding WordPress Security Bug Severity
When you see a security fix available for your website, you should of course update the affected component. But should you drop everything and apply the update immediately? Or can you at least finish your coffee first? Or is it OK to deal with it when you get a break? That depends on the bug. Also in this episode, we'll cover the recent critical WooCommerce security bug which was, luckily, fixed with a rare forced update by the WordPress team.
2023-03-28, 07 min

Yoghcast
Report points to vulnerabilities in WP | Gutenberg launches reading time feature and much more
Another Yogh News is on the air!
This time, you will learn more details about the launch of WordPress 6.2, which will be released on Tuesday, and much more!
Patchstack released a study of WP vulnerabilities in 2022
The well-known company Patchstack, which offers a security plugin and other services, recently released a large study revealing the main security vulnerabilities found in WordPress. In 2022, the most common security flaw was CSRF (Cross-Site Request Forgery), which is widely known as a click attack. This t...
2023-03-24, 03 min

Patchstack Weekly
Patchstack Weekly - Un-updatable Plugins - What Do They Mean?
Abandoned plugins with security bugs in them are a silent risk for WordPress site owners - but there's an easy way to spot plugins that have been out of date for a while straight from your WordPress admin page. This episode is a quick tutorial on that!
2023-03-22, 05 min

Patchstack Weekly
Patchstack Weekly - State of WordPress Security 2022 Report
We've just released our annual State of WordPress Security report, chock full of security stats and trends from the WordPress ecosystem. Last year we saw 328% more reported security bugs added to our vulnerability database compared to 2021. This is actually a positive sign of the ecosystem becoming more secure, as more bugs are being caught (and patched). On the downside, the trend of critical vulnerabilities being left unpatched persists. Today's episode is a sort of a tl;dr, as we dive into some of the bigger findings from the whitepaper and explain what they mean for...
2023-03-14, 08 min

Patchstack Weekly
Patchstack Weekly - Using WordPress As a Headless CMS
This week's knowledge share is an introduction to headless CMS's and WordPress.
Robert will dive into what a headless CMS is, how WordPress can be used as one, and the security concerns that go along with it.
2023-02-27, 07 min

Patchstack Weekly
Patchstack Weekly - Should You Convert WordPress To a Static Website?
A static website is basically just some HTML files sitting on a server. It's very fast, cheap and secure - and it's rare to have all three. This week's episode is all about the benefits of static sites, and when should you consider using them.
2023-02-20, 07 min

Patchstack Weekly
Patchstack Weekly - Do You Need Virtual Patching?
Regular software updates are essential for security - but they are not enough. Even if you make it a habit to regularly update your WordPress components or use auto-updates, sometimes developers won't release security updates. In fact in 2022, a quarter of critical vulnerabilities found in WordPress plugins did not receive a fix. This is where "virtual patching" comes in - tune in to learn more about this handy extra security layer.
2023-02-13, 06 min

Patchstack Weekly
Patchstack Weekly - Do You Need a 'security.txt' File?
Security.txt is a new proposed standard to encourage website owners to adopt a more proactive approach to security. The file is an easy way to quickly communicate your vulnerability disclosure program to security researchers. Big companies like Google, Slack, Github and Automattic are already using it - should you?
2023-02-06, 07 min

Patchstack Weekly
Patchstack Weekly - The Spurious Infinity of Security
The practice of security is boundless, with infinite context about what constitutes danger. Today's episode looks into how you can practice security to better your resume, services, business, and life.
This week's vulnerability roundup will share details on three security bugs that were patched last month in a popular Learning plugin for WordPress.
2023-01-30, 08 min

Patchstack Weekly
Patchstack Weekly - How Can Developers Prove Security?
This week's knowledge share is for developers and site owners alike. Robert will be discussing all about how open-source projects (or really any code project) can show, not just tell, their users that their project's code is secure and safe to use. This week's vulnerability roundup will share details about three high-risk security bugs in WordPress components - of which two received patches and one went without.
2023-01-23, 07 min

Patchstack Weekly
Patchstack Weekly - What Makes a Secure Hosting Service?
The security of your web hosting provider is just as important as the security of your WordPress site. So in this episode Robert talks about how you can check for some important security features your hosting provider may or may not be offering. This week's security news will cover two critical vulnerabilities - one that received a patch, and one that did not.
2023-01-16, 08 min

Patchstack Weekly
Patchstack Weekly - Are You Running Insecure Plugins?
Join Robert on his second episode of new year's security resolutions - this time, he'll be running you through the checklist for ensuring the plugins on your site are safe to use. He'll also be talking about the recent Doctor Web report about a botnet targeting specific outdated WordPress plugins - which is a great reminder to always keep all your components up-to-date!
2023-01-10, 08 min

Patchstack Weekly
Patchstack Weekly - Rotate Your Passwords
In this episode we want to say two things: 1) Happy new year and 2) rotate your passwords! Rotating your passwords regularly is a key security practice.
We feel it's important to stress this in light of the latest news from the LastPass security breach - we now know that attackers did gain access to encrypted customer data, including password vaults. Granted, this doesn't mean they got their hands on passwords and emails in plain text, but if you've used LastPass then it's high time to change all your passwords now.
2023-01-02, 07 min

Patchstack Weekly
Patchstack Weekly - Will AI Change Web Security?
Last week we confirmed that ChatGPT can write basic WordPress plugins - but should you let it? Does AI write safe code? Can it detect vulnerabilities? Tune in to this year's last episode of Patchstack Weekly to find out what the recent advances in AI mean for the future of web development.
2022-12-21, 09 min

Patchstack Weekly
Patchstack Weekly - How One Vulnerability Affects Many
This week's knowledge share is about a recent influx of patched security bugs affecting a single vendor. Don't panic though - the bugs are low-risk. The noteworthy part is the number of products affected by the same bug. Stay tuned for this weekly knowledge share where Robert explains why one vendor has multiple products affected by the same bug, and what this has to do with the software supply chain.
2022-12-12, 08 min

Patchstack Weekly
Patchstack Weekly - When Hacks Come Back
Recently LastPass reported a secondary security incident that occurred months after an initial break-in. We applaud their honesty and transparency in handling the matter - this is a great example of how to handle any security incident! LastPass team's investigation concluded that this recent issue - of unexpected access to a third party service - was likely made by someone with information leaked from an incident that happened months ago in August.
So in this week's knowledge share, Robert will discuss the topic of lingering threats from old hacks.
2022-12-05, 09 min

Patchstack Weekly
Patchstack Weekly - Hunting Open-Source Security Bugs With SAST
Knowing where to look is the key to finding what you're looking for. For security bugs, it is essential. In this week's knowledge share, Robert will teach you the basic process of finding security bugs using static code analysis - also known as SAST.
2022-11-21, 08 min

Patchstack Weekly
Patchstack Weekly - Dealing With Software End of Life
This week's knowledge share is about the security concern caused when software has been abandoned or has reached its end of life (EOL). To that point, Robert will also talk about the surprising number of plugins that were recently removed from WordPress.org for being abandoned.
2022-11-14, 09 min

Patchstack Weekly
Patchstack Weekly - What Is Type Juggling in PHP?
This week's knowledge share is about the PHP world's smallest security bug. We say smallest because it is one character long. You may wonder how much trouble could one character possibly cause? Stick around for this week's knowledge share where Robert will be talking about type juggling in PHP.
2022-11-07, 07 min

Patchstack Weekly
Patchstack Weekly - What Is Cross-Site Scripting?
Cross-site scripting is something we talk about a lot - but what is it exactly? Cross-site scripting - or XSS - is a prevalent threat. In fact, we add about 50 (!) new XSS vulnerabilities to our database every month. So hop on in to learn about this all-too-common vulnerability with Robert and see what you can do to protect your website against it.
2022-10-31, 09 min

Patchstack Weekly
Patchstack Weekly - Why Open Redirects Are Dangerous
Hey all - today we're going phishing! If that made you start packing for the trip with excitement, then you probably misread the word.
"Phishing" is when a seemingly familiar or trustworthy website is actually a fake, set up to capture your data or sensitive information. In this episode, Robert explains how an open redirect bug can be used to carry out such attacks - and how you can prevent them.
2022-10-24, 09 min

Patchstack Weekly
Patchstack Weekly - Who You Gonna Call When Your Website Goes Down?
Asking a complete stranger to help you with a website emergency can make things go from bad to worse. Every website owner should have a trusted emergency contact at hand when things get dicey. But how do you find those people? How do you know who to trust?
2022-10-17, 09 min

Patchstack Weekly
Patchstack Weekly - Using OWASP ZAP to Spot User Input
"Never trust user input" - this is security's golden rule. So it's a great thing OWASP ZAP has tools that can show you how much data in a web app is controlled by the browser - and therefore also by the user. Robert explains how to use those tools to uncover the hidden risk.
2022-10-10, 07 min

Patchstack Weekly
Patchstack Weekly - How To Use the OWASP ZAP Interface
In this week's knowledge share Robert will continue to share with you some tips and tricks with OWASP ZAP. He'll go over ZAP's HUD - or heads-up display - so you can get an idea of what it can be used for. In other news, popular online news site Fast Company suffered a major attack last week - let's dig into what we know about the attack, and what lessons we can learn from it.
2022-10-03, 08 min

Patchstack Weekly
Patchstack Weekly - What Can You Do With the OWASP ZAP Tool?
We should probably start with "what the hell is it?" Well, OWASP ZAP is an open-source web application security tool written by developers, for developers. It is meant for those who want to get their hands dirty testing their web applications. Of course, it also works great for security researchers and anyone interested in learning about web application security.
So buckle up, because we have a lot of ground to cover!
2022-09-26, 07 min

Patchstack Weekly
Patchstack Weekly - The WCUS 2022 Roundup
We skipped an episode last week as Robert took a drive down to WordCamp US in San Diego - but this week he's back to tell you all about it! He'll also dig into a critical vulnerability found in the premium WPGateway plugin, which is unfortunately already being used for attacks. However, as always, we like to talk about these things without hyperbole. Stay safe, stay calm!
2022-09-19, 07 min

Patchstack Weekly
Patchstack Weekly - WordPress 6.0.2 Security Update Details
The WordPress 6.0.2 security release made a splash in the news last week with three vulnerabilities patched with it - but what were they? Should you be worried? Let's get cozy with Robert as he runs us through the now patched vulnerabilities, and explains why none of them is an immediate risk. Or as he likes to say: "keep on patchin', but don't be worrying." P.S. You can also catch Robert giving a security talk at WordCamp US in San Diego this weekend - if you're there, come and say hi!
2022-09-05, 06 min

Patchstack Weekly
Patchstack Weekly - What Is Your Time to Patch?
Whenever a new vulnerability is announced, the clock starts. The time it takes to patch can mean the difference between your site getting compromised or not. Tracking this as a "time to patch" metric can help you quantify if you need more help with your security program - or are attending to serious issues faster than the attackers can target your sites.
2022-08-29, 08 min

Patchstack Weekly
Patchstack Weekly - What Does a Vulnerability CVSS Score Mean?
What does it mean when a plugin on your site has a vulnerability with a "Medium" CVSS score? Today's episode will be all about severity scores associated with security bugs and how they are calculated using the CVSS - or Common Vulnerability Scoring System.
I will also share two plugins that patched security bugs you should know about in the weekly vulnerability roundup.
2022-08-22, 09 min

Patchstack Weekly
Patchstack Weekly - The Practice of Security Bug Patching
A mature security patching practice means patching even the low-risk bugs. In this week's episode, I will talk about all the elements that turn security from a process into a practice. I will also discuss one insecure plugin in this week's vulnerability news. Unfortunately, the plugin did not receive a security patch for a severe security bug, so you may wish to be on the lookout if it is installed on your websites or customer websites.
2022-08-15, 09 min

Patchstack Weekly
Patchstack Weekly - SVG XSS Vulnerability Found in Gutenberg
It is August, and the Patchstack Alliance is growing. New security researchers have joined the alliance in the last month, and we are receiving some great reports of serious security bugs in open source components affecting millions of websites. This week there was a security bug that was not found by Patchstack Alliance. This new security bug is in the WordPress Gutenberg editor. In this week's knowledge share I will share important details that will help you understand the low risk this now public vulnerability poses, and emphasize that the existence of a CVE is...
2022-08-08, 09 min

Patchstack Weekly
Patchstack Weekly - Why You Shouldn't Use Nulled Plugins and Themes
In this week's knowledge share, I will talk about nulled plugins and themes - how they are a hidden security risk, how they harm trust in open source, and what you can do to make things right. I will then cover this week's vulnerability news, which highlights two security bugs in abandoned plugins and one authenticated remote code execution bug that was recently patched.
2022-08-01, 07 min

Patchstack Weekly
Patchstack Weekly - What is Server Side Request Forgery?
This week I will finally get to talk about SSRF!
SSRF stands for Server Side Request Forgery. This is a category of application vulnerability that is sometimes overlooked but could allow attackers to bypass security measures and turn a web application into a sort of limited VPN to pivot to systems normally protected by the network topology. Don't worry if this doesn't make sense right now, I'll explain it in a bit.
2022-07-25, 09 min

Patchstack Weekly
Patchstack Weekly - Are Millions of WordPress Sites Really Under Attack?
This week's weekly knowledge share is a response to the all too common headlines about "Millions of WordPress websites are under attack" we see every so often. I will share why attempted attacks are just the background radiation of the internet and not something to get into a panic over.
2022-07-18, 10 min

Patchstack Weekly
Patchstack Weekly - Why You Should Remove Unused Plugins
Welcome back to the Patchstack Weekly Security Update! This week I will talk about the importance of removing unused code and components from your websites. Simply disabling a theme or plugin is not enough - reviewing and deleting these things has to become a habit. I will also cover a few vulnerability highlights, including 10 abandoned components that have known unpatched vulnerabilities in them.
2022-07-11, 07 min

Patchstack Weekly
Patchstack Weekly - What is CSV Injection?
CSV injection occurs when websites generate CSV files and include untrusted user input within them. I'll explain why this is dangerous, and how you can protect your site against it. This week's vulnerability news will be brief - I will highlight 3 plugins with WordPress Options Update vulnerabilities (2 of which require no authentication). Each of these plugins' authors has released a patch.
I will also highlight a plugin affected by a CSV Injection vulnerability that, unfortunately, has not yet been patched (but of course, Patchstack Pro and Business users are protected by a virtual patch).
2022-07-04, 09 min

Patchstack Weekly
Patchstack Weekly - Interview with Rotem Bar
Rotem Bar works at Cider Security as Head of Marketplace Integrations and has been working in the security field for 20 years. Back in February he found an Unauthenticated DOM-based Reflected Cross-Site Scripting vulnerability in Elementor and reported it through the Patchstack Alliance. If the bug's name sounds confusing, convoluted, and complicated, don't worry - Rotem explains what it means and where the threat is exactly.
2022-06-27, 31 min

Patchstack Weekly
Patchstack Weekly - How To Choose Secure Plugins?
Welcome back to the Patchstack Weekly Security Update! This update is for week 25 of 2022. This week's knowledge share will include some tips for WordPress site owners on what to look out for when choosing plugins. I will also share vulnerability news, with one critical issue to discuss which may have already been patched, as well as highlighting the concerning trend of security bugs not receiving patches.
2022-06-20, 10 min

Patchstack Weekly
Patchstack Weekly - How to Update wp_options Securely.
Welcome back to the Patchstack Weekly Security Update! This update is for week 24 of 2022. This week I will cover two high risk unauthenticated vulnerabilities, one could allow attackers to reset any user's password (including admin users) and the other could arbitrarily delete files from websites running insecure versions of the plugin. Thankfully both have been patched, so now it's up to site owners to apply that patch as soon as they can. In this week's knowledge share, I will talk about a WordPress specific security bug.
This security bug only applies to...
2022-06-13, 10 min

Patchstack Weekly
Patchstack Weekly - What Makes A Good WordPress Community?
Welcome back to the Patchstack Weekly security update! This update is for week 23 of 2022. It is the beginning of June, and WordCamp Europe is underway as I write this. WordCamps are the in-person community events for the WordPress community, and WordCamp Europe 2022 is the largest to be run in the last 2 years. This is a sign of the return of, and importance of community events. So, on that note, this week's weekly knowledge share will be about community (and I will have a special announcement at the end.) I will start with this...
2022-06-07, 08 min

Patchstack Weekly
Patchstack Weekly - How To Create An Incident Response Plan?
Welcome back to the Patchstack Weekly security update! This update is for week 22 of 2022. This week there is only one high-risk security bug patched to report on in the vulnerability news. During this week's knowledge share I will talk about the incident response plan and the importance of having it ready for worst-case scenarios. Because having a plan will help you turn bad situations into learning experiences.
2022-05-30, 09 min

Patchstack Weekly
Patchstack Weekly - Vulnerability News & Over-Communicating Security
Welcome back to the Patchstack Weekly security update! This update is for week 21 of 2022. In this week's knowledge share, I will talk more about communicating security. But, not too much, because this week I will talk about over-communicating security, also known as alert fatigue. Of course, I will start with a few notable security bug fixes added to the Patchstack Database in this week's vulnerability news.
2022-05-23, 08 min

Patchstack Weekly
Patchstack Weekly - How To Communicate Security?
Welcome back to the Patchstack Weekly security update! This update is for week 20 of 2022.
This week I will talk about the importance of communication and how to communicate security when it comes to security issues. Starting from developers needing to communicate security bugs being patched and ending with how Patchstack partners are experiencing some great successes by integrating Patchstack's WordPress vulnerability intelligence API into their products. I'll tell you how and why later, in this week's knowledge share. But first, the week's vulnerability news. Starting with announcing the winners of the Patchstack Alliance's WordPress bug...
2022-05-16, 10 min

Patchstack Weekly
Patchstack Weekly - Secure AJAX Endpoints & WordPress Vulnerabilities
Welcome back to the Patchstack Weekly security update! This update is for week 19 of 2022 and is about secure AJAX endpoints and WordPress vulnerabilities. This week in vulnerability news, I will share two WordPress plugins with security bugs that have no patch available. One could lead to tricking logged-in users to run arbitrary code on websites, and the other could lead to unauthenticated SQL injection. And I have a bit of breaking news to add, it was just reported by Portswigger that it appears WordPress websites with incomplete installations are being targeted shortly after...
2022-05-09, 14 min

Patchstack Weekly
Patchstack Weekly - PHP Object Injection aka Insecure Deserialize
Welcome back to the Patchstack Weekly Security Update! This update is for week 18 of 2022. This week I will talk about an obscure vulnerability, something that is commonly overlooked and missed by developers, bug bounty hunters, and security researchers alike. PHP Object Injection, also known as Insecure Unserialize. I will get started with this week's vulnerability news like always, we have a handful of vulnerabilities I would like to share with you.
Including one report of, you guessed it, PHP Object Injection.
2022-05-02, 12 min

Patchstack Weekly
Patchstack Weekly - Egoless Programming & Security Bugs
Welcome back to the Patchstack Weekly security update! This update is for week 17 of 2022. This week I have a handful of vulnerabilities to share with you. Including 3 unauthenticated SQL injection security bugs that were patched, and 3 security bugs that could lead to files being uploaded to websites running these affected plugins. In this week's weekly knowledge share, I'm going to be talking about Egoless programming. A concept, introduced over 50 years ago, and an extremely helpful topic to cover when it comes to handling security bug reports.
2022-04-25, 11 min

Patchstack Weekly
Patchstack Weekly - WordPress Vulnerabilities And Secure Code Review
Welcome back to the Patchstack Weekly security update! This update is for week 16 of 2022 and is about the power of transparency in open source, and how anyone can utilize this transparency to learn secure code review. This week I will talk about the power of transparency in open source as it pertains to security, and how anyone, including you, can utilize this transparency to learn secure code review. There are a lot of vulnerabilities to discuss this week as well. With some versions of Elementor being affected by an authenticated high-risk vulnerability, a development/design...
2022-04-18, 09 min

Patchstack Weekly
Patchstack Weekly - WordPress Security History
Welcome back to the Patchstack Weekly Security Update! This update is for week 15 of 2022 and will talk about WordPress security history. This week is a special episode. There were not many critical vulnerabilities to cover this week. So I will skip the vulnerability news and share with you, a lesson about WordPress security history over the last 18 years. My hope is that by knowing this history, we can learn some lessons along the way.
Of course, there were some interesting vulnerabilities this week. If you would like to check them out, please go to the...
2022-04-11, 14 min

Patchstack Weekly
Patchstack Weekly - Five Steps To A Secure WordPress From Scratch
Welcome back to the Patchstack Weekly security update! This update is for week 14 of 2022 and I will talk about the first 5 steps to a secure WordPress. This week has a lot of vulnerability news to cover, and I will be sharing it as a 3-2-1 punch of 3 plugins that received no patch for security bugs, 2 premium plugins that patch critical security bugs, and 1 public exploit already being shared for a Local File Inclusion vulnerability. In this week's knowledge share, I will talk about the first 5 steps of WordPress security. These steps are not the...
2022-04-04, 09 min

Patchstack Weekly
Patchstack Weekly - A New Set Of WP-CLI Security Commands
Welcome back to the Patchstack Weekly security update! This update is for week 13 of 2022. This week, I will talk about two high-risk vulnerabilities in two WordPress plugins with one big difference: One was patched, one was not. In this week's knowledge share I will share some new WP-CLI Security commands that were just added. I hope you've heard of WP-CLI, if not, then you are in for a nice surprise!
2022-03-28, 08 min

Patchstack Weekly
Patchstack Weekly - Secure WordPress File Uploads
Welcome back to the Patchstack Weekly Security Update! This update is for week 12 of 2022. This week in WordPress-related vulnerabilities, I will talk about 3 plugins that have each been patched due to high-risk security bugs found in their code. I will also provide an update on the insecure Freemius library situation, and share some possible expectations for what will happen in the next few weeks. I will then talk about defensive coding strategies for a common security bug in this week's knowledge share.
A serious security bug we saw a lot of in WordPress...
2022-03-21, 11 min

Daniele.Tech - Opinioni in Open Source
65 - VPN Ban in Russia
* The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation - https://dirtypipe.cm4all.com/
* GDPR.txt - https://gdpr-txt.org/
* arata-nvm/mitnal: Twitter client for UEFI - https://github.com/arata-nvm/mitnal
* Guerre di Rete - https://www.guerredirete.it/
* PipeWire: A year in review & a look ahead - https://www.collabora.com/news-and-blog/blog/2022/03/08/pipewire-a-year-in-review-look-ahead/
* Fixing Performance Regressions Before they Happen | by Netflix Technology Blog - https://netflixtechblog.com/fixing-performance-regressions-before-they-happen-eab2602b86fe
* FBI: Ransomware gang breached 52 US critical infrastructure orgs - https://www.bleepingcomputer.com/news/security/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs/
* State Of Wo...
2022-03-15, 27 min

Patchstack Weekly
Patchstack Weekly - State of WordPress Security 2021
Welcome back to the Patchstack Weekly security update! This update is for week 11 of 2022. This week is all about plugin vulnerabilities and the State of WordPress Security 2021 whitepaper. There is some big news this week, but really I should say last week. Patchstack released our State of WordPress Security Whitepaper for 2021 on March 9th or last Wednesday. I will be giving a short summary of some high points in this week's knowledge share, but if you would like to read the whole thing you can view it on patchstack.com for free, no email or...
2022-03-14, 09 min

Plesk Official Podcast
Getting Ahead of Site Security with Robert Rowley and Patchstack
Show Notes: Patchstack, WordPress Toolkit
Top Takeaways: Bug Bounty Programs are a way to get developers paid for finding and patching bugs. They are especially important for big, open-source projects like WordPress.
Patchstack runs a global bug bounty program where they guide and pay developers to find and patch bugs. Patchstack also maintains a patch and vulnerability database, which they use to notify site owners of patches to keep their sites safe. And now, Plesk’s WordPress Toolkit integrates directly with Patchstack – meaning customers will automatically get these notifications. Site security is a team effort. It’s easy to...
2022-03-07, 43 min

Patchstack Weekly
Patchstack Weekly - Influx of New Vulnerabilities & Freemius Library
Welcome back to the Patchstack Weekly Security Update! This update is for week 9 of 2022; it is the beginning of March. In this week I will cover a few high-risk vulnerabilities found in WordPress components, give an update on the insecure old Freemius library situation and discuss last month's additions to the Patchstack database.
2022-03-07, 07 min

Patchstack Weekly
Patchstack Weekly - Vulnerability News & Insecure Libraries
Welcome back to the Patchstack Weekly security update! This update is for week 8 of 2022 and focuses on insecure libraries. This week has been a heavy news week for the world, and open-source, specifically WordPress security concerns were no exception. There are 5 plugins that have released patches for serious vulnerabilities this week, as well as over 800 plugins that Patchstack recently identified as including insecure libraries used in their codebase. So, I will keep a lot of this week's updates fairly brief. A quick note on the more serious news which is still unfolding in...
2022-02-28, 08 min

Patchstack Weekly
Patchstack Weekly - Vulnerabilities & Vulnerability Risks
Welcome back to the Patchstack Weekly security update! This update is for week 8 of 2022 and will dive into several vulnerabilities and talk about vulnerability risks. This week's vulnerability news will have a lot to cover.
One WordPress plugin had a vulnerability so severe the WP.org team initiated an auto-update for all installations. Another WordPress plugin patched 7 security bugs over 2 releases, and WordPress core had a vulnerability disclosed publicly before they could release a patch. With so much news to cover about vulnerabilities, I think it is a good week to discuss vulnerability severity and...
2022-02-21, 08 min

Patchstack Weekly
Patchstack Weekly - Preparing for SQL Injection
Welcome back to the Patchstack Weekly security update! This update is for week 6 of 2022. Last week, two high severity vulnerabilities were patched by the developers of WP Spell Check and Revolut Gateway for WooCommerce. Both of these plugins patched unauthenticated SQL injection vulnerabilities, so that will be the topic of this week's knowledge share.
2022-02-14, 09 min

Patchstack Weekly
Patchstack Weekly - Open Source & Vulnerability Disclosure Policy
Welcome back to the Patchstack Weekly security update! It is the beginning of February and this update is for the fifth week of 2022. This week I will share some of the core principles of open-source software development and how security researchers participate in them, as well as explaining why open source projects should always have a vulnerability disclosure policy and what makes a good vulnerability disclosure policy. This week in WordPress component patches news, there are three critical vulnerabilities I will highlight in three plugins: So let's get into it.
2022-02-03, 07 min

Patchstack Weekly
Patchstack Weekly - WordPress Vulnerabilities & Who Is Responsible?
Welcome back to the Patchstack Weekly Security Update! This update is for week 4 of 2022. In this week's session, I will share a few high-risk vulnerabilities that were patched this week and provide an update on details about the un-patched WordPress theme vulnerabilities that Patchstack continues to deal with.
During this week's knowledge share I will identify the many players in open source security. These are the people in many different roles, that play a part in open source security beyond the developers and the end-users of their open-source projects. Patchstack engages with people...
2022-02-01, 10 min

Patchstack Weekly
Patchstack Weekly - WordPress Vulnerabilities & Cross-Site Request Forgery
Welcome back to the Patchstack Weekly security update. It is the third week of 2022 and this episode is called WordPress vulnerabilities & Cross-Site Request Forgery. Within this session, I will inform you of 6 popular open-source WordPress components that have patched various vulnerabilities in their code, from information disclosure to cross-site scripting and cross-site request forgery. In this week's knowledge share, I will discuss cross-site request forgery vulnerabilities, what their risks are, and share an easy fix for it using nonces. Your host, Robert
2022-01-20, 10 min

Patchstack Weekly
Patchstack Weekly - Unpatched Vulnerabilities & Supporting Open Source
Welcome back to the Patchstack Weekly security update! This is Episode 6. In this week's session, we will cover a WordPress plugin that patched a critical authenticated remote code execution bug. As well as a big disclosure by the Patchstack Red Team, which identifies dozens of themes that shared the same vulnerable code between them and there is no patch available. Finally, I will talk about an open-source developer who protested against the abuse of their time by large companies who use their projects at no cost. Giving back to open source projects...
2022-01-13, 10 min

Patchstack Weekly
Patchstack Weekly - Vulnerability Roundup and Factors of Authentication
Welcome to the Patchstack Weekly security update! This is the first Patchstack update for 2022, happy new year and let's get into the security news.
This week I will give a quick roundup detailing the number of vulnerabilities added to the Patchstack database last month and I will give an update on the backlog of unpatched vulnerabilities we are working on addressing. I will then cover the topic of secrets as it pertains to authentication, and how you can understand some granular points of what makes something secret how to secure your login pages with more...
2022-01-06, 11 min

Patchstack Weekly
Patchstack Weekly - Critical Plugin Vulnerability & Backlog of Unpatched Components
Welcome back to the Patchstack Weekly security update! This update is for week 52 of 2021. This week marks the final week of 2021, and with the year coming to a close it is a great time to reflect on the past, present, and future. So that is the format of this week's update. This week's vulnerability news is for a critical vulnerability in a WordPress plugin with, get this: an unauthenticated arbitrary option table update vulnerability in it.
2021-12-30, 07 min

Patchstack Weekly
Patchstack Weekly - WordPress Vulnerabilities And Code Stewardship
Welcome back to the Patchstack Weekly security update! This update is for week 51 of 2021. This week's news may sound like deja-vu, as I will cover more of the same topics as I did last week. Log4j is still a leading security concern, and the project's developers have released yet another security update, this time to address a Denial of Service concern. I will also once again discuss WordPress plugins with options table update vulnerabilities reported in them ... the difference this time is, there is no patch.
2021-12-23, 10 min

Patchstack Weekly
Patchstack Weekly - WordPress Vulnerabilities and log4j
Welcome to the Patchstack Weekly security update! This update is for week 50 of 2021. It is mid-December, and we are still waiting to see the total impact of a vulnerability reported in the open-source component: log4j.
This is a library used in a large number of Java applications and I will get the details later during this week's knowledge share. In WordPress security news this week, there are a few plugins that have serious vulnerabilities reported in them, including unauthenticated attacks that may affect tens of thousands of websites. So, let's get to that right a...
2021-12-16, 09 min

Patchstack Weekly
Patchstack Weekly - Vulnerability news, Gravatar and Web History
Welcome to the Patchstack Weekly security update, this update is for December 9th, 2021. We will talk about the Gravatar breach, web history, and vulnerabilities from this week. In this week's session, we have two high-risk vulnerabilities to report in WordPress plugins and I will talk about the Gravatar email leaks, one-way encryption, and how the web experience has changed over the years. I will give recognition to the technical pioneers that brought us Web 2.0, and acknowledge those who are currently looking forward, the yet-to-be-named pioneers who are about to build what will be known as...
2021-12-09, 08 min

WPwatercooler: Dev Branch - Monthly WordPress Web Development Talk Show
EP16 - WordPress Plugin Dependency Confusion
This month on the Dev Branch we’re going to be talking with Robert Rowley of Patchstack about Dependency Confusion and what WordPress developers need to know to secure their sites and what’s to think about when building plugins.
https://make.wordpress.org/core/2021/06/29/introducing-update-uri-plugin-header-in-wordpress-5-8/
https://wpscan.com/vulnerability/95e01006-84e4-4e95-b5d7-68ea7b5aa1a8
https://wordpress.org/plugins/patchstack/
https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/
https://patchstack.com/patchstack-weekly-week-48-dependency-confusion/
https://make.wordpress.org/plugins/2021/11/29/please-dont-test-submitting-other-peoples-plugins/
Panel:
Jason Tucker – jasontucker.blog
Steve Zehngut – zeek.com
Jason Cosper – jasoncosper.com
Robert Rowle...
2021-12-06, 30 min

WP Builds
239 – Use Patchstack to keep your WordPress website safe
So you might not have heard about the WordPress security company Patchstack before, but you will likely know about them! You see, until recently, they were called WebARX, but they decided that this was a somewhat confusing, and hard to pronounce name, and so changed it to Patchstack. We talk today to founder Oliver Sild, and get to the bottom of why and how the re-branding went as well as what new features have been added to the platform at the time of the changeover. You might be able to assist their security efforts and get paid into the bargain...
2021-07-22, 54 min

grit. | startup turunduse podcast
PATCHSTACK (FORMERLY WEBARX). Agnes Talalaev – SEO hacks, NLP and website security
An episode packed with practical advice with Agnes Talalaev, head of marketing at the cybersecurity startup WebARX (now called Patchstack). We talk about:
• How to do marketing on a zero budget?
• Why and how to run AppSumo campaigns?
• How time-consuming is building a personal brand?
• How to apply NLP in marketing?
• How to take care of your website's security?
In addition, Agnes shares how she raised CTR by 300% with the help of one plugin, talks in more detail about WebARX's gamified campaign, and reveals which email marketing tool to avoid in order to keep your joy of life. Happy listening! 🕵️
2020-12-17, 52 min