LoopConf is the WordPress developer conference. LoopConf came about as we heard technically-minded folks talk about wanting to get together and dive deep into advanced engineering and development topics. We’ve assembled an amazing group of speakers to get this inaugural event started off on the right foot, and we’re excited to share our excitement and passion for WordPress with all of you in an exciting three-day event. We hope that you join us to celebrate the software we love, enjoy each other’s company, and learn from one another.

WordPress 4.1.2 is out, update your sites

WordPress 4.1.2 has been released, to fix critical security vulnerabilities. This comes shortly after a security issue was announced in a common WordPress function (add/remove_query_arg), which affected many plugins.

All major plugins have already been patched, and no major attacks have been reported at this time. Don’t panic, just update your sites and plugins!

More information on WordPress 4.1.2: https://wordpress.org/news/2015/04/wordpress-4-1-2/

More information on add/remove_query_arg vulnerability: https://poststatus.com/coordinated-plugin-updates-to-address-security-vulnerability-in-many-popular-wordpress-plugins/

Slack announces security breach

Slack announced that they were hacked, and what their plans are to mitigate such attacks in the future.

We were recently able to confirm that there was unauthorized access to a Slack database storing user profile information. We have since blocked this unauthorized access and made additional changes to our technical infrastructure to prevent future incidents. We have also released two factor authentication and we strongly encourage all users to enable this security feature.

Read more about the incident on their blog.

Version 1.2 of the WordPress REST API is out

From the make.wordpress.org blog:

Today, I can finally announce the release of version 1.2 of the WP REST API.

A short nine months after our last release we have support for Cross-Origin Resource Sharing, full request hijacking, JSON encode/decode errors, and a swarm of bug fixes.

Rachel, Ryan and team plan to release version 2.0 next month, and the REST API is rumored to go into WordPress core later in the year.

Andrew Nacin joins the White House Digital Service

WordPress lead developer Andrew Nacin has worked for Matt Mullenweg’s firm Audrey Capital for several years, but he is leaving to join the White House Digital Service.

The United States Digital Service is transforming how the federal government works for the American people. And we need you.

A quote from Andrew:

When I was approached, I have to admit that I was nervous to step back from the day-to-day buzz of WordPress because I’ve invested so much. But the community stepped up, in most cases not even knowing about my life change. That’s the beauty of open source, and the fantastic WordPress community in particular. WordPress continues to play an important role in my life. With Matt Mullenweg’s support and encouragement, I’m taking time away from Audrey, where I’ve worked since 2010. I’m still actively involved in the project, just not full time.

You can read more about Andrew’s transition on Post Status.