ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)

A pre-auth RCE vulnerability in WordPress core, named wp2shell, lets anonymous attackers run code on default installs with no plugins. WordPress shipped versions 6.9.5 and 7.0.2 on July 17, 2026, closing the flaw. Adam Kues at Assetnote discovered the bug and reported it through HackerOne.
Tap to vote and see what everyone thinks.
Summary by ByteBrief