PC World

Cookies open WordPress accounts to easy hijacking

If you’re a WordPress.com user you’ll want to be extra cautious the next time you’re tempted to whip up a blog post from your local coffee shop. If anyone on the same open connection is using a ...
Ars Technica

Unsafe cookies leave WordPress accounts open to hijacking, 2-factor bypass

Memo to anyone who logs in to a WordPress.com-hosted blog from a public Wi-Fi connection or other unsecured network: It’s trivial for the script kiddie a few tables down to hijack your site even if it ...