dda
What is the current WordPress login and password reset activity?
We are seeing increased automated AI bot activity targeting WordPress websites, attempting logins and triggering password reset requests to identify valid admin users. This is a probing stage of an attack, and while no breach is confirmed, it highlights the importance of keeping your website fully updated and protected.
WordPress Login & Password Reset Activity Alert
Over the past 24 hours, we have identified a sharp rise in WordPress login and password reset activity across multiple websites. This is not isolated to a single site or server, it is being seen playing out globally.
This activity is being driven by automated AI powered bots targeting WordPress websites to identify valid admin users and test login and password reset processes. At this stage, this is considered a probing attempt rather than a confirmed breach, however it is an early stage of attack behaviour that should not be ignored, as after the probing stage then it can lead to further attacks.
What This Means for Your Website
These bots are not trying to access your email inbox. Instead, they are attempting to:
• Identify valid usernames
• Trigger password reset processes
• Test login endpoints for weaknesses
• Prepare for further attacks using gathered data
If your website platform, plugins, or security setup are outdated, it increases the risk of being exploited as these attacks evolve.
Why This Is Becoming More Common
With AI now being used to automate attack patterns, this type of activity is increasing rapidly. What used to be occasional probing is now happening at scale and far more frequently.
Where previously updates may have been carried out a few times per year, we are now seeing a shift even away from monthly, towards more weekly updates being required to keep websites secure and protected. This is why maintaining an up to date website is more important now than at any point in the past for your business.
Your Current Position
If you do not have an active maintenance or support plan in place, your website is not being monitored or updated on an ongoing basis.
We have recently carried out platform and security updates for clients where requested, however this current activity is separate to that. This is a live, ongoing situation, and we are making all clients aware so you can make an informed decision, about how you want to protect your business.
You are under no obligation to take action, and it is entirely your choice whether you wish to proceed with updates or leave your website as it currently stands.
How We Can Help
If you would like to protect your website against this type of activity, we can assist with:
• Ongoing maintenance and security support
• Regular updates to WordPress, plugins and themes
• Login and password reset protection measures
• System hardening and monitoring
We can also provide a one off update to bring your website up to date from its current position if preferred. Ongoing support is always the recommended approach to ensure your website remains secure moving forward, however this is a business decision for you to make.
Get in Touch
This is not a routine update message or post. We are proactively informing all clients due to current increased activity being seen across WordPress websites, and it is important you are aware of it. This type of attack, now more commonly driven by AI bots, is expected to increase as this technology continues to develop and be used for both legitimate and malicious purposes.