Inside WordPress.com’s Essential Plugin Attack Response


Running a WordPress site should not mean carrying the full weight of security operations yourself. On WordPress.com, security is handled at the platform level through continuous scanning, managed infrastructure, virtual patches, backups, and human-led response.

The Essential Plugin supply chain attack is one example of what that looks like in practice. When malicious code was found across a portfolio of plugins, WordPress.com security teams identified affected hosted sites, updated detection systems, deployed a DNS-level block against the attacker-controlled domain, and removed malicious code from impacted environments.

This post explains what happened, how WordPress.com responded, and why proactive, managed security matters for those who need WordPress flexibility without having to manage every security risk alone.

How the Essential Plugin attack unfolded

In early 2026, the WordPress community experienced a large supply chain attack involving plugins from the “Essential Plugin” developer.

A buyer had quietly acquired the entire Essential Plugin portfolio (formerly WP Online Support) — a collection of 30+ plugins built up over eight years of legitimate development. Roughly six months after the acquisition, malicious code — wpos-analytics — was added to the plugins’ source.

For months, the malicious code sat dormant. Then, in early April 2026, the backdoor was activated. The compromised plugins began phoning home to analytics.essentialplugin.com, where the attacker could ship arbitrary payloads to every site running an affected version.

On April 7, 2026, WordPress.org patched and permanently closed all 31 plugins in the portfolio. The patch stopped active exploitation by preventing the backdoor from executing, but WordPress.com’s security team chose to go further on the sites we host by removing the attacker’s code from affected plugin files.

Why the Essential Plugin backdoor was different

What made this incident different was that the compromised code arrived through plugins that had previously been trusted. Site owners had not ignored updates or installed obviously suspicious software; the issue came through a familiar plugin supply chain.

A patch can stop malicious code from executing, but cleanup can go further. In this case, WordPress.com removed the attacker’s code from affected sites we host, rather than relying only on a disarm.

That distinction matters because WordPress.com’s security model is not limited to waiting for site owners to notice a problem or manually apply a fix. Our teams can detect, mitigate, and clean up issues across hosted sites at the platform level.

How WordPress.com contained the threat

Waiting for sites to be flagged through normal scanning would mean some sites could be carrying dormant attacker code for months or longer. This is why WordPress.com took a proactive approach to protect sites and mitigate this attack.

Within hours of the disclosure, WordPress.com security specialists obtained a full list of every WordPress.com hosted site running one or more of the affected plugin slugs — over 2,200 sites. We then:

  1. Updated our malware detection system to flag the malicious wpos-analytics module, the injected code block in each plugin’s main file, and suspicious activity unique to the malware.
  2. Deployed a DNS-level block across WP Cloud for analytics.essentialplugin.com, preventing affected sites from reaching the attacker-controlled domain entirely.
  3. Surgically cleaned up all affected sites by completely removing the wpos-analytics directory and removing specific malicious code from the plugin files.
  4. Coordinated with WPScan to publish vulnerability records so site owners across the wider WordPress ecosystem — not just on WordPress.com — could be alerted by their security tooling.

The result: WordPress.com removed the attacker’s code from affected hosted sites and blocked the attacker-controlled domain at the platform level.
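Steps 1 and 3 above both rest on recognizing the two indicators the post names: the wpos-analytics directory and the analytics.essentialplugin.com callback host. The script below is an added example, not WordPress.com or Jetpack tooling: it walks a wp-content/plugins directory, reports which plugin slugs carry either indicator, and builds a constructed sample tree (a hypothetical plugin slug and stand-in file contents) to run against.

```python
import tempfile
from pathlib import Path

# Indicators named in the post; the injected code block itself is not reproduced here.
IOC_DIRECTORY = "wpos-analytics"
IOC_DOMAIN = "analytics.essentialplugin.com"


def scan_plugins_dir(plugins_dir):
    """Walk wp-content/plugins and return (slug, indicator, relative_path) findings."""
    root = Path(plugins_dir)
    findings = []
    for plugin in sorted(p for p in root.iterdir() if p.is_dir()):
        slug = plugin.name
        for path in plugin.rglob("*"):
            rel = path.relative_to(root).as_posix()
            if path.is_dir() and path.name == IOC_DIRECTORY:
                findings.append((slug, "wpos-analytics directory", rel))
            elif path.is_file() and path.suffix == ".php":
                try:
                    text = path.read_text(errors="ignore")
                except OSError:
                    continue  # unreadable file: skip rather than abort the whole scan
                if IOC_DOMAIN in text:
                    findings.append((slug, "callback domain reference", rel))
    return findings


def affected_slugs(findings):
    """Distinct plugin slugs that triggered at least one indicator."""
    return sorted({slug for slug, _, _ in findings})


def build_sample_tree():
    """Constructed sample: one clean plugin and one hypothetical compromised plugin."""
    base = Path(tempfile.mkdtemp())
    clean = base / "clean-plugin"
    clean.mkdir()
    (clean / "clean-plugin.php").write_text("<?php\n// Plugin Name: Clean Plugin\n")
    bad = base / "example-compromised"  # hypothetical slug, not a real plugin
    (bad / IOC_DIRECTORY).mkdir(parents=True)
    (bad / IOC_DIRECTORY / "index.php").write_text("<?php\n// stand-in for the module\n")
    (bad / "example-compromised.php").write_text(
        "<?php\n// Plugin Name: Example\n"
        "// constructed stand-in for the injected block: a reference to the callback host\n"
        "$host = 'https://analytics.essentialplugin.com/';\n"
    )
    return base


if __name__ == "__main__":
    sample = build_sample_tree()
    for finding in scan_plugins_dir(sample):
        print(finding)
```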

How WordPress.com approaches security

WordPress.com’s security model is built on proactive protection. That includes automated scanning, infrastructure hardening, proactive mitigation, and human-led incident response working continuously behind the scenes.

Continuous monitoring and threat detection

Every WordPress.com site is scanned daily by Jetpack Scan against a constantly updated library of malware and vulnerability signatures. Suspicious behavior and compromised files are surfaced quickly so security specialists can investigate and respond before issues spread further.

When new threats emerge, detection systems can be updated rapidly across the platform, helping identify affected sites at scale.

Platform-level protection and mitigation

WordPress.com runs on a managed infrastructure designed to reduce common attack paths before they reach customer sites. Servers are patched and isolated, login abuse is rate-limited, and suspicious bot traffic is filtered automatically.

Core, plugin, and theme updates can also be applied automatically where appropriate. A managed Web Application Firewall helps block known exploit patterns at the edge before they ever reach your site. 

WordPress.com also uses virtual patches: platform-level mitigations that can block known critical vulnerabilities even when an affected plugin has not yet been updated, or no developer fix is available.

During the Essential Plugin incident, WordPress.com also deployed a DNS-level block across WP Cloud for the attacker-controlled domain tied to the attack infrastructure.

Human-led security response

Automation matters, but large-scale incidents still require human investigation and judgment.

WordPress.com security specialists handle malware analysis, vulnerability research, incident response, and site cleanup across the platform. When widespread threats emerge, the team coordinates detection updates, investigates affected environments, and works with plugin and theme authors on responsible disclosure.

In the Essential Plugin incident, WordPress.com identified affected hosted sites en masse and removed malicious code directly from impacted environments rather than relying solely on patches that disabled execution.

Recovery and resilience

Security also means being able to recover quickly when something goes wrong.

Automated off-site backups through Jetpack VaultPress Backup allow affected sites to be restored to a known-good state, often within minutes.

Here’s a closer look at the protections and the steps you can take to keep your site safe and secure on WordPress.com.

Build on WordPress.com with confidence

The flexibility of WordPress is one of its greatest strengths. Plugins, themes, and integrations give site owners the freedom to build what they need, but that freedom works best when it is supported by a strong security infrastructure behind the scenes.

That is where WordPress.com’s managed approach matters. Platform-level monitoring, virtual patches, malware scanning, backups, and human security specialists help reduce the operational burden on site owners without taking away the flexibility that makes WordPress powerful.

Security work is often invisible when it is working well. You may never see the scans, mitigations, cleanup, and response happening in the background, but they are part of what helps keep your site running securely so you can focus on building, publishing, selling, and growing on WordPress.com.
