My new job title confused a lot of people. What's an mVDP? Here's the plain-English explanation — and why plugin developers should care.

In one month, Patchstack’s security researchers filed 1,571 vulnerability reports and helped remove nearly 1,000 WordPress plugins. Here’s how it happened.

WordPress's security reputation is rough — but is it deserved? Here's a clear-eyed look at what's actually going on under the hood.

Your WordPress dashboard says everything is up to date — but one of your plugins might be silently closed and vulnerable. Here's why that's a bigger problem than it sounds.

What happens when a developer switches to cybersecurity? A lot more than you'd expect — and not all of it is obvious.

Over 80% of secrets leaked in Git repos are left there unintentionally. Here's how to stop it from happening to you.