Latest News

September saw a steady stream of WordPress core, plugin and theme vulnerabilities — some critical, some with no fixes yet. If you run a WordPress site, this is your prompt to review updates and tighten your defences to protect revenue, reputation and SEO.

If your team still uploads website files over SFTP with a username and password, you’re leaving the door ajar. Attackers constantly probe SSH/SFTP ports and reuse leaked credentials to force their way in. Switching to SSH key authentication closes off that easy route and reduces the risk of malware landing on your WordPress site — protecting SEO, customer trust and revenue

We’re seeing a wave of stealthy backdoors on compromised WordPress websites that quietly create administrator users and keep them there. Even if you delete the rogue account, the malware simply brings it back. Here’s what non-technical site owners need to know — and how to protect your business.

Some WordPress sites are seeing visitors land normally and then—after a short pause—being whisked away to unrelated, sometimes unsafe pages. Our review of recent incidents points to a fake plugin dubbed “WordPress Player” that quietly injects code and takes control of the visitor’s browser. Here’s what’s going on, why it matters for your business, and what to do next.

WordPress websites are frequent targets for cybercriminals, with new threats emerging all the time. One such attack recently uncovered is a JavaScript malware campaign that redirects website visitors to harmful third-party domains, damaging reputations and putting users at risk.

In the ever-evolving landscape of cybersecurity, WordPress websites have become frequent targets for malicious actors. A recent incident underscores the importance of vigilant website maintenance and security.

In the world of online business, your website is often the first point of contact with your customers. But what if your site becomes a liability rather than an asset? A recent discovery highlights just how crucial it is to keep your WordPress website—and its plugins—up to date.

The European Union's General Product Safety Regulation (GPSR) (EU) 2023/988 is a significant update to consumer product safety laws, replacing the General Product Safety Directive (GPSD) 2001/95/EC. Effective from 13 December 2024, the GPSR aims to enhance consumer protection by addressing challenges posed by digitalisation and online marketplaces.

WordPress powers approximately 43.5% of all websites, making it the most popular content management system globally. This widespread use, while advantageous for its flexibility and user-friendliness, also makes WordPress a prime target for cyberattacks. Recently, a sophisticated PHP reinfector and backdoor malware has been identified by Sucuri, targeting WordPress sites by embedding malicious code into plugins and critical database tables like wp_posts and wp_options.

From May 2021, Google is updating its algorithm to include Core Web Vitals which use user experience as a ranking signal for websites. We explain what this update means and what you can do to improve your website. 

Your Brand MattersThe idea of the brand is central to marketing, That is why many of our clients ask us to work with them to get their branding right.Most of us use the term ‘brand’ in everyday conversation.But it can be misdefined. Many companies also find it difficult to pin down the nuts and bolts of their own brands

Star Platforms is an exciting new powered access company that wanted to make a bold entrance to the plant hire world.The company, based in Hertfordshire, wanted a strong, instantly-recognisable brand to help them establish their profile in a highly competitive market.Star Platforms’ management team turned to matm, which has a great deal of experience in the plant hire market, to create its brand identity.