One of the big roadblocks we see to improving the security of WordPress websites (as well website security and security more broadly) is the really poor state of security journalism. Among the many issues that have created that situation seems to be the ownership of security journalism outlets by security companies, seeing as good security journalism would at this time consist of a lot of critical coverage of the poor state of the security industry (to put it lightly) and for various reasons that is less likely to happen when security journalists work for security companies or may be working for them in the future.
One such outlet is the Threatpost, which was until October 2017 publicly owned by the Russian security company Kaspersky Lab (here is homepage on October 20, 2017 with the footer reading “The Kaspersky Lab Security News Service” and here is it on October 25, 2017 with that gone). Both before and after that happened the Threatpost was promoted as “an independent news site”, despite that seeming to not be an accurate description. [Read more]