Business Roundup Week Ending January 19

The Unexpected Attack Vector Responsible for 60% of Hacked WordPress Sites in 2023?

• Thomas J. Raef, Founder of WeWatchYourWebsite, recently released a surprising finding based on analysis of 851+ billion WordPress log entries from more than 4 million WordPress websites.
• Compromised login credentials, and theme and plugin vulnerabilities were key attack vectors, but were not responsible for the majority of attacks.
• 60% of WordPress hacks in 2023 were caused by stolen session cookies.
• Stolen session cookies happen when a user logs in from a compromised computer. The malware then sends the cookie to a bad actor who has immediate access to the website.
• This attack is especially effective because it works regardless of password complexity, two-factor authentication, VPN, or even passkeys.
• Protecting against the attack involves keeping computers malware free by using security software and guarding against phishing attacks.
• Also, something as simple as logging out after every admin session can prevent successful session hijacking.
• How can you educate your clients about this new threat to their website’s security?
• Want to dig deeper? Check out this great article from Thomas J. Raef.

Can the Block editor and Page Builders Coexist?

• No doubt about it, the Block Editor’s capabilities have greatly improved, making it a viable website building option for basic sites.
• However, complex designs often still require page builders or custom code.
• Block editor proponents say sites designed in page builders are locked into those tools. However, using certain add-on block ecosystems have essentially the same effect.
• Some speculate page builder pricing may increase and user bases decline. However, many users still prefer the all-in-one experience of page builders over installing multiple plugins.
• Is there room for both the Block Editor and page builders in the WordPress world? What choice is right for your agency?
• Read more on this lively debate in this excellent article from Eric Eric Karkovack.

ChatGPT Under Fire: Understanding the Emerging Legal Risks

• OpenAI must defend itself in court after a judge denied its motion to dismiss a lawsuit by radio host Mark Walters. He claims ChatGPT defamed him by fabricating an embezzlement lawsuit.
• OpenAI’s liability theories around ChatGPT’s frequent falsehoods, or “hallucinations,” will now be tested in court for the first time.
• Do ChatGPT’s inaccuracies expose OpenAI and users to defamation liability if they publish content without verification? What do you think?
• This is certainly an important case to watch. Read more about it here.

Worth a Look

• One question continues to intrigue content creators and Internet enthusiasts in 2024: is blogging still relevant? Check it out.
• Sam Altman says ChatGPT will have to evolve in “uncomfortable” ways. Read on to learn more.
• Matt Medeiros makes 3 Predictions for WordPress in 2024.