Daily brief at 7am Melbourne. Unsubscribe any time.

Sunday 19 July 2026 · Melbourne

Any Anonymous Request Can Now Own Your WordPress Site — Here's the Bug

A critical WordPress core flaw with a public proof-of-concept is exposing every unpatched 6.9 and 7.0 site to unauthenticated remote code execution — and the clock is ticking.

Lead story

Any Anonymous Request Can Now Own Your WordPress Site — Here's the Bug

WordPress powers roughly 43% of the web. That's a lot of surface area for a single unauthenticated remote code execution flaw — which is exactly what landed this week in the form of wp2shell, now carrying two official CVE IDs and a working proof-of-concept available to anyone who looks for it.

The vulnerability lives in WordPress core itself, not in a plugin or theme. That's the part that stings. You don't need a poorly configured third-party extension for this to bite you — a stock, freshly installed WordPress 6.9 or 7.0 site with no plugins at all is fully exploitable. An attacker sends a crafted HTTP request without any credentials and can execute arbitrary code on the server. Game over.

Since the initial disclosure, researchers have also identified a complicating factor: a persistent-object-cache condition that can affect how the vulnerability is triggered in certain hosting configurations. The practical implication is that some sites may be exploitable even where mitigations were thought to have partially applied. The full exploitation mechanism is now public, which compresses the window between "patch announced" and "actively exploited at scale" to something close to zero.

Why does this one stand out? Most critical WordPress vulnerabilities require a plugin to be installed, or at minimum an authenticated user to be tricked. wp2shell requires neither. The attack chain is short — anonymous request in, shell out — which makes it trivially automatable. WordPress botnets have historically been assembled in hours once a weaponisable bug surfaces; this is exactly the kind of flaw that feeds them.

The patch is in WordPress 7.0.1 (and backported to the 6.9 branch). If you or anyone on your team manages a WordPress site, update now. Not "schedule it for Monday." Now.

For defenders monitoring networks, watch for unusual POST requests to WordPress REST API and wp-cron.php endpoints, unexpected PHP process spawning from web server workers, and any new admin accounts or file writes you didn't authorise.

Australian context: WordPress is the dominant CMS across Australian government, media, healthcare, and small business websites. The Australian Signals Directorate's Essential Eight maturity model lists patching internet-facing services within 48 hours as a baseline control for Maturity Level 1 — this flaw is precisely the scenario that requirement was written for. Organisations running managed WordPress hosting should confirm with their providers that auto-updates are enabled or that the patch has been manually applied. ACSC advisories often lag public PoC timelines, so don't wait for an official bulletin before acting.

The broader lesson here isn't new, but it keeps needing to be said: core software vulnerabilities are categorically worse than plugin vulnerabilities because there's no opt-out. Every site on the affected version is in range, regardless of how carefully it was configured. Security-by-plugin-hygiene doesn't help you when the floor itself has a hole in it.

Also today

Moonshot AI's Kimi Update Reignites 'Open AI' Debate in China

Chinese AI lab Moonshot AI dropped a new version of its Kimi model this week, releasing weights openly and pricing access at near-zero — prompting commentary about what critics are calling "full AI communism." The framing is hyperbolic, but the underlying dynamic is real: Chinese labs are increasingly competing on openness and low cost, forcing Western commercial AI providers to justify their pricing models. Kimi has strong multilingual performance and is gaining traction outside China. Whether it poses a genuine competitive threat to frontier Western models or is best understood as a different product category entirely is the more interesting question underneath the headlines.

TechCrunch

Databricks Hits $188 Billion Valuation on AI Data Infrastructure Bet

Databricks has closed a new funding round valuing it at $188 billion, cementing its position as one of the most valuable private companies on earth. The company has successfully repositioned from a data engineering platform to an AI-native stack, and has been publishing research arguing that open-weight models dramatically reduce the cost of AI-assisted coding compared to proprietary alternatives. For the broader market, the valuation signals that investors still believe the data infrastructure layer — the pipes beneath the model — is where long-term enterprise AI value will accumulate. Australian organisations running significant data operations on Databricks or competing platforms are sitting inside a rapidly consolidating market.

TechCrunch

Dave Eggers Told OpenAI Staff ChatGPT Is 'Silencing a Generation' of Writers

Novelist and McSweeney's founder Dave Eggers accepted an invitation from Sam Altman to address around 200 OpenAI employees — and used the platform to argue that ChatGPT is suppressing the development of young writers rather than augmenting them. Eggers, who has spent decades building literacy programs and creative writing schools, reportedly made the case directly and without diplomatic softening. The talk has since circulated internally and beyond. It's a rare instance of an invited critic being given a genuine audience inside one of the most powerful AI companies, and the fact that Altman extended the invitation at all says something — though exactly what remains open to interpretation.

The Verge

US Government Pilots AI for Health Insurance Prior-Authorisation Decisions

The US federal government is testing an AI system to assist with prior-authorisation determinations — the insurance approval process that controls whether patients receive specific treatments. Proponents argue it could accelerate decisions that currently take days and disproportionately delay urgent care. Critics worry algorithmic denial is harder to appeal, less transparent, and may embed existing biases in coverage decisions at scale. The pilot is significant because prior authorisation is already one of the most-contested pain points in the US health system. Australia's PBS and Medicare frameworks don't use prior authorisation in the same way, but the broader question of AI in healthcare gatekeeping is arriving here too.

Ars Technica

Federal Employees Can Put TikTok Back on Their Work Phones

The US Department of Justice has reversed the ban on TikTok being installed on federal government devices, allowing employees to download the app on work-issued phones. The move follows the broader legal and political settlement around TikTok's US operations after its ownership restructure. The policy reversal is notable less for the app itself and more for what it signals: the national-security framing that drove the original ban is being quietly unwound at the federal level. Australian government agencies still operate under ASD guidance that treats TikTok as a risk on government devices — that position has not changed.

TechCrunch

The Zoom Trick Designed to Say 'Don't Transcribe This'

With AI transcription and meeting summaries now baked into Zoom, Teams, and most enterprise collaboration tools, a small research community has been exploring ways to signal — or enforce — that a conversation shouldn't be recorded. One technique involves embedding audio or metadata cues that cause AI transcription to produce garbled or blank output for specific segments. It's part practical hack, part philosophical provocation: as ambient AI recording becomes the default, what does conversational privacy even mean? The piece is worth reading as a preview of workplace and social norms that are going to need to be negotiated explicitly in the next few years.

TechCrunch

Index Ventures Co-Founder: The AI Wealth Concentration Is Unsustainable

Neil Rimer, who co-founded Index Ventures and has backed companies including Dropbox, King, and Robinhood, says the extraordinary wealth being generated by AI in Silicon Valley will eventually have to flow back out — either through voluntary redistribution or political pressure. Speaking at a public event, Rimer drew a distinction between the current AI wave and previous technology cycles, arguing that the concentration of returns at a small number of companies and individuals is more extreme than anything seen before. It's a notable admission from someone who sits squarely inside the system he's describing.

TechCrunch

Waymo Paused San Francisco Robotaxis for an Hour Due to a Power Outage

Waymo temporarily suspended its driverless ride-hail service in San Francisco after a local power outage disrupted operations, with the fleet offline for roughly an hour before resuming. It's a small incident in isolation, but it points to a meaningful infrastructure dependency: autonomous vehicle fleets rely on continuous connectivity to backend systems for mapping updates, telemetry, and safety oversight. A power or connectivity disruption isn't just an inconvenience — it grounds the whole fleet. As Australian cities engage in early-stage conversations about autonomous vehicle trials and regulation, understanding failure modes and the infrastructure requirements of commercial AV deployment is essential groundwork.

TechCrunch

Previous briefs