News

Flippa celebrated the six-figure sale of the Essential Plugin portfolio; eight months later the buyer activated a backdoor across 20,000+ WordPress sites using Googlebot cloaking and a C2 routed through an Ethereum smart contract.

Website hacks are no longer rare incidents. They are a growing operational challenge for web hosts and digital agencies. When a client’s site gets compromised, the immediate expectation is clear: fast resolution and expert support. If providers fail to respond effectively, frustration builds quickly and often leads to customer churn. However, security incidents can also

Let's Encrypt issues approximately ten million certificates per day and is closing in on protecting one billion websites, making its May 13 root certificate switch a change that affects the majority of SSL certificates in any hosting provider's customer base. The two deadlines that require immediate action are May 13, when renewal automation must be verified to handle future shorter lifetimes correctly, and July 8, when client authentication certificates issued by Let's Encrypt stop working entirely. Providers whose automation relies on acme.sh face an additional gap: acme.sh does not yet support ACME Renewal Information (RFC 9773), the mechanism that lets Let's Encrypt communicate renewal windows directly to clients.

Cloudflare's 2026 Threat Report describes attackers who log in rather than break in, using stolen session tokens that bypass MFA entirely. On World Backup Day, the question worth asking is not whether you have a backup, but whether the attacker who logged into your environment three weeks ago has already found it.

The European Commission confirmed attackers accessed its AWS-hosted Europa.eu infrastructure and took data. AWS says its platform was not the issue, the customer account configuration was.

Cloudflare blocks AI bots by default and is testing a pay-per-crawl model. SiteGround silently filters training crawlers at the server level. IONOS rate-limits AI agents on shared hosting. As AI crawler traffic surges, hosting providers are splitting into those who have acted and those who have not - and the gap is becoming a competitive differentiator.

China's amended Cybersecurity Law, Hong Kong's first critical infrastructure statute, and Singapore's expanded compliance framework have all taken effect. For hosting businesses operating in the region, the compliance cost of inaction is now measured in millions.

High-profile breaches in South Korea, a near-universal shift toward outsourced security operations in Vietnam, and an evolving ransomware threat profile are defining the security reality for Asian hosting providers this quarter.

Security doesn’t stand still, and neither should the hosting industry. Welcome to the February 2026 WebHosting.Today Monthly Security Update, created in partnership with our trusted security sponsors, Monarx and Patchstack. Together, we’re delivering practical threat intelligence, real-world insights, and clear guidance for hosting providers, agencies, and WordPress professionals navigating today’s evolving risk landscape. No hype,

A community-led forensic investigation links the attacks to a reported breach of 21 million records from PrestaShop's own Addons Marketplace.  PrestaShop has not confirmed or denied the connection, only issued a security alert on February 12, 2026, notifying merchants that a digital skimmer is actively replacing payment buttons on checkout pages with fraudulent duplicates.  When