Tech Roundup Week Ending February 24

https://wptavern.com/wordpress-6-2-beta-3-released-contributors-to-host-live-product-demo-on-march-2

WordPress 6.2 Beta 3 has been released following the first-ever WordCamp Asia in Bangkok, Thailand. This beta release is open for testing by developers and users who want to try out the new features before the official release of WordPress 6.2 later this year. With these updates, WordPress continues to improve its user experience and maintain its position as one of the most popular content management systems on the web.

https://make.wordpress.org/core/2023/02/18/proposal-updates-to-the-wordpress-release-cycle/

Andrew Ozz posted a proposal on WordPress.org to update the WordPress Release Cycle.

• The WordPress feature freeze is when the development of features and enhancements ends, and testing and bug fixing continues.

• An exception to the feature freeze used to be made for features not ready in time for Beta 1, but recently this has become part of the standard release workflow.

• Many users have already tested features and enhancements from Gutenberg, so there is no need to change task tickets before Beta 1.

• It is proposed that a new ticket type should be introduced (e.g., “Gutenberg merge”), or the existing Gutenberg-merge keyword can be used to distinguish these tickets.

https://www.bleepingcomputer.com/news/security/godaddy-hackers-stole-source-code-installed-malware-in-multi-year-breach/

GoDaddy discovered a security breach in early December 2022 following customer reports of their sites being redirected to random domains. Investigation revealed that attackers had access to the company’s network for multiple years, during which they installed malware and obtained source code. 

Previously disclosed breaches in November 2021 and March 2020 are also linked to this multi-year campaign. The November 2021 incident led to a data breach affecting 1.2 million Managed WordPress customers who had their email addresses, WordPress Admin passwords, sFTP and database credentials, and SSL private keys exposed.

The March 2020 breach saw 28,000 customers affected after attackers used their web hosting account credentials to connect to their hosting account via SSH. GoDaddy is now working with external cybersecurity forensics experts and law enforcement agencies worldwide as part of an ongoing investigation into the root cause of the breach. Evidence has been found linking attackers to a broader campaign targeting other hosting companies internationally over the years, whose goal is to infect websites and servers with malware for phishing campaigns and other malicious activities.