Connect with us

WORDPRESS

A Social Experience Anchored by Your Domain – WordPress.com News

Published

on

A Social Experience Anchored by Your Domain – WordPress.com News

How would you like to use one of your domains as your handle across the web? Here’s a first step towards making that a reality.

WordPress.com is an organization — like others within Automattic — that is heavily invested in Open Source and the democratization of the web. We genuinely believe that everyone should have control over their presence, their data, and even their social experiences. That’s why we’re really excited about some of the work Bluesky is doing.

What is Bluesky?

We’re building a new foundation for social networking which gives creators independence from platforms, developers the freedom to build, and users a choice in their experience.

blueskyweb.xyz

Think about all of the different pieces tied to any one of your social accounts:

  • Your username – how people identify you in that platform
  • Your connections/network
  • The content you’ve created
  • The media you’ve uploaded
  • The conversations you’ve had with others
  • Your connections to influencers, brands, and businesses
  • Purchases within a specific platform

Now, imagine being able to bring all of that with you when you get frustrated with changes on one social network and rediscover the magic of one you had *almost* forgotten about. 😉

This is exactly what Bluesky is trying to accomplish with its AT Protocol, and we can’t way to see how it evolves.

See also  WordPress best practices and plugins to think about in 2023

That’s so cool! Why is that cool?

So glad you asked!

We’re all probably familiar with the “blue checkmark of officialness” used across may social platforms. It’s essentially a way for users to identify the real accounts for famous and notable people/brands/things.

Bluesky lets you claim a domain that you own as your username/handle, and they automatically verify it by checking your domain for a simple text record. That may sound complicated, but it’s actually quite simple — especially on WordPress.com.

Think of it like any kind of certificate you might get, which often requires a signature from you as well as from some sort of official before it’s considered a verified document. It’s just like that, except that instead of collecting dust, this unlocks a digital superpower: a consistent way for anyone to find the real you (potentially) anywhere on the web.

How do I add a text record to my domain?

I’ll cover some simple steps for those of you who manage your domains here on WordPress.com. If you have domains registered elsewhere on the web you will have to check that registrar’s documentation. If you’d rather just manage it here, you can check out the steps to transfer it over.

Note: You will need an invitation to join to the private beta of Bluesky before you can set up an account and use this feature.

See also  55 Social Media Post Templates to Inspire Your Online Marketing Strategy [Infographic]

6 easy steps

Step 1: Navigate to the site that your domain is associated with on WordPress.com — if you only have one site you can simply go to WordPress.com.

Step 2: Use the left hand menu to navigate to Upgrades/Domains.

Step 3: Identify the domain you want to use and click on the vertical elipses on the right. Click “view settings.”

Step 4: Click on the arrow to the right of “DNS Records” to expand the information. Click on “Manage.”

Step 5: Click the “+ Add Record” button at the top of the screen.

Step 6: Change the record type from “A” to “TXT.”

Step 7: Add the Bluesky information to your record.

  • Add _atproto in the “domain name (optional)” field.
  • Add the Bluesky “Value” in the “Text” field.

Step 8: Click the “Add DNS record” button.

I’m always pleasantly surprised by how fast our DNS is. In this case, I was able to verify the record in the Bluesky app less than 30 seconds after I saved it on WordPress.com. Here’s what the app looks like while you’re setting up, after it’s verified, and after you officially update your handle.

If you made it this far, you’re at least a little bit interested. Let us know what piqued your interest in the comments!


See also  Why Bulk Content Creating For Social Media Saves You Time

Join 97,719,300 other subscribers

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

WORDPRESS

Researchers Spot a Different Kind of Magecart Card-Skimming Campaign

Published

on

Researchers Spot a Different Kind of Magecart Card-Skimming Campaign

An attacker under the Magecart umbrella has infected an unknown number of e-commerce sites in the US, UK, and five other countries with malware for skimming credit card numbers and personally identifiable information (PII) belonging to people making purchases on these sites. But in a new wrinkle, the threat actor is also using the same sites as hosts for delivering the card-skimming malware to other target sites.

Researchers from Akamai who spotted the ongoing campaign note that this not only makes the campaign different from prior Magecart activity, but it’s also much more dangerous.

They assess that the cyberattacks have been going on for at least one month and have potentially affected tens of thousands of people already. Akamai said that in addition to the US and UK, it has spotted websites affected by the campaign in Brazil, Spain, Estonia, Australia, and Peru.

Payment Card Theft & More: A Double Compromise

Magecart is a loose collective of cybercriminal groups involved in online payment card-skimming attacks. Over the past several years, these groups have injected their namesake card skimmers into tens of thousands of sites worldwide — including sites such as TicketMaster and British Airways —and stolen millions of credit cards from them, which they have then monetized in different ways. 

See also  Why Bulk Content Creating For Social Media Saves You Time

Akamai counted Magecart attacks on 9,200 e-commerce sites last year, of which 2,468 remained infected as of the end of 2022.

The typical modus operandi for these groups has been to surreptitiously inject malicious code into legitimate e-commerce sites — or into third-party components such as trackers and shopping carts — that the sites use, by exploiting known vulnerabilities. When users enter credit card information and other sensitive data on the checkout page of compromised websites, the skimmers silently intercept the data and send it to a remote server. So far, attackers have primarily targeted sites running the open source Magento e-commerce platform in Magecart attacks.

The latest campaign is slightly different in that the attacker is not just injecting a Magecart card skimmer into target sites but is also hijacking many of them to distribute malicious code. 

“One of the primary advantages of utilizing legitimate website domains is the inherent trust that these domains have built over time,” according to the Akamai analysis. “Security services and domain scoring systems typically assign higher trust levels to domains with a positive track record and a history of legitimate use. As a result, malicious activities conducted under these domains have an increased chance of going undetected or being treated as benign by automated security systems.”

See also  55 Social Media Post Templates to Inspire Your Online Marketing Strategy [Infographic]

In addition, the attacker behind the latest operation has also been attacking sites running not just Magento but other software, such as WooCommerce, Shopify, and WordPress.

A Different Approach, Same Outcome

“One of the most notable parts of the campaign is the way the attackers set up their infrastructure to conduct the web skimming campaign,” Akamai researcher Roman Lvovsky wrote in the blog post. “Before the campaign can start in earnest, the attackers will seek vulnerable websites to act as ‘hosts’ for the malicious code that is used later on to create the web skimming attack.”

Akamai’s analysis of the campaign showed the attacker using multiple tricks to obfuscate the malicious activity. For example, instead of injecting the skimmer directly into a target website, Akamai found the attacker injecting a small JavaScript code snippet into its webpages that then fetched the malicious skimmer from a host website. 

The attacker designed the JavaScript loader to look like Google Tag Manager, Facebook Pixel tracking code, and other legitimate third-party services, so it becomes hard to spot. The operator of the ongoing Magecart-like campaign also has been using Base64 encoding to obfuscate the URLs of compromised websites hosting the skimmer. 

“The process of exfiltrating the stolen data is executed through a straightforward HTTP request, which is initiated by creating an IMG tag within the skimmer code,” Lvovsky wrote. “The stolen data is then appended to the request as query parameters, encoded as a Base64 string.”

See also  Woman Defrauded in Fake Rich Grandma Gift Card Scam on Facebook

As a sophisticated detail, Akamai also found code in the skimmer malware that ensured it did not steal the same credit card and personal information twice.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

WORDPRESS

Introducing Jetpack AI Assistant in WordPress.com – WordPress.com News

Published

on

Introducing Jetpack AI Assistant in WordPress.com – WordPress.com News

Your rocketship to more powerful content creation.

Imagine being able to quickly generate all types of content—headlines, entire posts, even translations—with the click of a button. Imagine significantly reducing your effort and time spent staring at a blank screen. 

Say hello to Jetpack AI Assistant. 

Jetpack AI Assistant is seamlessly integrated as a block within the WordPress.com editor. (If your WordPress site is hosted elsewhere, the AI Assistant is also available through the Jetpack plugin.) This powerful new tool is still in the experimental phase, but here’s just a sampling of what it can already help you do. 

5 ways you can make writing a breeze with Jetpack AI Assistant 

Create customized content

Jetpack AI Assistant utilizes a conversational system so that you can “chat” with it in natural language. Enter a prompt, such as “Write a list of Tokyo’s must-visit destinations,” and watch as the Assistant crafts an engaging piece of content. Compelling blog posts, detailed pages, structured lists, and comprehensive tables can be created in seconds.

Perfect your spelling and grammar on the fly

Ensure your content always reflects professional standards with Jetpack AI Assistant’s spelling and grammar correction features.

Adjust your tone to match your audience 

Whether you’re aiming for formal or conversational, Jetpack AI Assistant can adjust the tone of your content to your goals and audience makeup. 

See also  How to Send Automated Coupons in WordPress to Bring Back Customers

Find that perfect creative title

Struggling to find a good title that will really capture your audience’s attention? It can be the hardest part of writing a post! Jetpack AI Assistant has you covered by reading the text and then creating suitable and compelling headlines.

Translate your writing with a single click

The Jetpack AI Assistant can translate your text into numerous languages, allowing you to effortlessly reach across locales and cultures. 

And that’s just the start of what Jetpack AI Assistant can do.

Can this really be free? 

Yes, it can! For a limited time, Jetpack AI Assistant is free to use for all WordPress.com customers. 

Activate the block with the Inserter or the “/” command shortcut. (If you didn’t know, here’s a fun tip: Hit the “/” button while in the post or page editor and type the name of the block you’re looking for. In this case, it would be “AI.”) 

Your rocketship to seamless content creation  

This is just the beginning! We’re working to expand Jetpack AI Assistant’s capabilities, so stay tuned for even more exciting features in the coming weeks.

Try the AI Assistant today and discover an even more streamlined creative process in WordPress.com. 


Join 99,410,108 other subscribers

See also  10 Essential WordPress Plugins for Every Website | by Huzaifa Shoukat | ILLUMINATION | May, 2023

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

WORDPRESS

How to Accept Venmo in WordPress

Published

on

How to Accept Venmo in WordPress and WooCommerce

There are a couple of situations in which you may want to have your WordPress accept Venmo. The most obvious one is if you want to add it as a payment method in your WooCommerce shop. In addition to credit and debit cards, you should always consider offering other payment methods to accommodate the maximum possible number of users. Most commonly, WordPress merchants add a PayPal button since this is a widely popular payment method. Adding Stripe is another great way to increase your shop conversions. For freelancers, there are a number of PayPal alternatives to use in case you don’t want to use this particular method. By adding Venmo to this roster you’re allowing even more users to complete purchases through your shop and this can only be beneficial for your business bottom line.

Another situation in which you may want to add Venmo to WordPress is if you want to set up some form of donation system for your website. This can work for websites selling NFTs, for blogs with partially or completely gatewayed content, and so on. If you have a following and you want to give them a chance to support your work via occasional donations or payments, Venmo can be a great solution.

See also  Barcelona vs. Atletico Madrid - Football Match Report - April 23, 2023

Generally speaking, adding Venmo is a smart call. However, it’s not for everyone, unfortunately. If you don’t have a considerable US-based visitor demographic, Venmo is probably not for you. Still, it being basically free, you don’t have anything to lose by having your WordPress accept Venmo.

Now, let’s see how you can set it all up. We’ll cover two plugin methods and you will decide which one works better for you.

Note: If your intention is to use Venmo as a way to collect donations, remember that Venmo is now a PayPal company and that if you’re already using PayPal for your donations, for instance using the GiveWP plugin, you can now simply enable Venmo payments as well.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

Trending

en_USEnglish