Thousands of websites using WordPress continue to be vulnerable to a critical security flaw in a plugin named Hunk Companion. The flaw, which has been actively exploited in attacks that execute malicious code, has a severity rating of 9.8/10. Less than 12% of users have installed the patch, leaving around 9,000 sites at risk.
