Our threat intelligence team discovered a vulnerability in the wpDiscuz plugin, affecting over 80,000 sites. A blind SQL injection attack affected analytics service WayDev, exposing OAuth tokens for GitHub repositories for software companies, leading to further breaches. A debate about problematic admin notices on the WordPress admin dashboard has many wondering how to best solve the issue, while WordCamps move to all virtual in 2020. Garmin's ransomware attack takes down more than step counting.