Agency News Weekly

WPE Customer Files Class Action Lawsuit Against Matt & Automattic

On Friday, a lawsuit was filed by a WP Engine customer against Automattic and Matt Mullenweg alleging multiple counts of tortious interference, and violations of California’s Unfair Competition Law.
The suit was filed by Ryan Keller, CEO of SecureSight, a cybersecurity and IT services provider in Ohio.
It seeks to represent all US-based WPE customers who had active WordPress hosting plans between September 24 and December 10, 2024.
The plaintiff claims that Automattic’s actions were aimed at undermining WPE’s services, adversely affecting businesses relying on WPE, including his own.
The complaint highlights that the success of WordPress is largely due to its extensive community and the availability of numerous plugins and themes, and that the interference of Matt and Automattic has destabilized the WordPress ecosystem and caused significant harm to users and developers.
The lawsuit seeks to address these grievances and hold the defendants accountable for the alleged contractual disruptions.

OpenAI is canceling its standalone o3 model release to focus on GPT-5, a comprehensive AI model that will unify their technology stack and simplify user experience according to a recent tweet from CEO Sam Altman.
GPT-5 aims to intelligently determine when longer processing times and chain-of-thought reasoning are necessary for complex tasks.
Currently users must select whether to use a generative model (like GPT-4o) or a reasoning model (like o1 or o3-mini).
This strategic shift includes plans for tiered access levels and integrated features like voice, canvas, and deep research capabilities.
In the coming weeks, OpenAI plans to launch GPT-4.5 as their final non-chain-of-thought model in coming weeks.
Altman says that all users will unlimited chat access to GPT-5’s standard intelligence setting (subject to abuse thresholds).
TechCrunch reports ChatGPT Plus subscribers will receive access to enhanced intelligence levels in the upcoming GPT-5 model.

Hackers are exploiting Google Tag Manager to steal credit card details from e-commerce sites.
Sucuri researchers discovered a malicious script injected into GTM containers, allowing attackers to skim payment information without detection.
This method bypasses traditional security measures since GTM is a generally trusted platform for website analytics and marketing tags.
The attackers use obfuscation techniques to hide their code, making it difficult for security tools to detect.
Once embedded, the script captures payment details entered by users and transmits them to an external server controlled by the hackers.
E-commerce sites using GTM should review their containers regularly to ensure no unauthorized scripts are present.
Website owners are advised to implement Content Security Policies (CSP) and Subresource Integrity (SRI) checks to prevent malicious modifications.
Though Google has been notified of the issue, website admins must take proactive measures to secure their payment pages.
This latest attack highlights the ongoing risks of supply chain compromises and the importance of monitoring third-party scripts.

Confused by who-owns-what in WordPress? This mind map shows what Matt actually owns: doesmattownthis.com.
WordPress.com has relaunched their 100-Year Domain and Website Plan.
And last (and probably least), ASUS has released a desktop mouse that smells. Literally.