Category: Cybersecurity

  • NIS2 incident report in 10 minutes

    NIS2 puts an incident on a clock. If a client is affected, an early warning is due within 24 hours, a full notification within 72 hours, and a final report within 30 days. Most small WordPress agencies and freelancers are not in scope themselves, but their clients are, and the supply chain rules pull us…

  • The hidden DDoS threat in WordPress: abusing the search endpoint

    Discover how attackers weaponize WordPress's native search endpoint for devastating DDoS attacks, and learn practical defense strategies from a cybersecurity perspective. This talk reveals a hidden vulnerability in standard WordPress installations and provides easy solutions.

  • Testing the promise: does secure hosting deliver?

    “Secure hosting” is everywhere in WordPress, but what does it actually protect against? We put this claim to the test with real penetration testing: 30 known vulnerabilities, multiple hosting providers, standardized methodology validated by independent observers. The findings reveal a critical gap between marketing and reality. WordPress-specific attacks succeed most of the time. This talk…