A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that create new accounts with administrative privileges on websites ...

Open-source advocates should only care about the integrity of FOSS licenses, and Automattic can adopt a different license for their code whenever they wish.

WordPress.org and Wordfence have published warnings about hackers adding malicious code to plugins at the source, leading to widespread infections via updates, an attack that’s being referred to ...

WP Engine, the managed web host recently banned from WordPress.org, has filed a federal lawsuit against WordPress co-founder Matt Mullenweg and Automattic, alleging attempted extortion as well as ...

WPEngine claims that its use of the WordPress trademark is fair use because WordPress technology is open source and free, and that in 2010, Automattic transferred the WordPress source code and ...