In the second episode of the Webmonkey podcast we take a dive into web security, looking closely at the zero day cross site scripting vulnerability in WordPress 4.2, and the patch that was quickly added to fix it. Your host Jake Spurlock is joined by WIRED Lead Engineer, Zack Tollman to talk about security, best practices and more.

Story Links

Just-released WordPress 0day makes it easy to hijack millions of websites

Disclosure of the vulveribility.

Diff of the patch

What happens when…

Apple details how it rebuilt Siri on Mesos

Visual Studio Code

Sad day… #bigwp pic.twitter.com/SUXhD9GnuA

— Jake Spurlock (@whyisjake) April 15, 2015

Zack’s Friday Faves

Deprecating Non-Secure HTTP

Android apps still suffer game-over HTTPS defects 7 months later

Putting the ‘Hot Hand’ on Ice

Jake’s Friday Faves

Game of Thrones Recap: This Season, Everything Changes

Game of Thrones Recap: The Return of Arya—And an Old Friend

Game of Thrones Recap: A Wedding and Some Funerals

Send the hosts feedback on their personal Twitter feeds (Jake Spurlock is @whyisjake and Zack Tollman is @tollmanz) or to the main hotline at @Webmonkey.

http://www.wired.com/wp-content/uploads/2015/05/Webmonkey-5-1-15.mp3