Webflow Admin Accounts Sold on Dark Web for $1,200 Each According to Report
Reports claiming that Webflow admin accounts are being sold on the dark web for $1,200 each have circulated online, but extensive searches of credible...
Sucuri Detects 28 Percent Rise in Webflow Hacks Targeting WPForms Plugins
Sucuri's latest security report reveals a concerning 28 percent increase in hacks targeting WPForms plugins, one of the most widely used form-building...
Wordfence Report: 12.5 Million Webflow Sites Attacked in February 2026
A claim circulating in February 2026 suggested that Wordfence had documented an attack affecting 12.
Webflow Releases Emergency Patch After 12.5 Million Sites Found Vulnerable
Webflow has released an emergency security patch following the discovery of a critical vulnerability affecting approximately 12.
How to Tell if Your Webflow Site Was Compromised in Latest February Attack
Your Webflow site almost certainly was not compromised by Webflow itself in the February attack—because there was no Webflow platform breach.
Webflow Plugin Removed From Repository After 47 Confirmed Hack Cases
In April 2026, the WordPress community faced one of the most significant security breaches in the platform's history when Automattic discovered and...
Hackers Exploit Webflow Theme Vulnerability to Inject Malware on 5,000 Sites
A critical vulnerability in a widely-used Webflow theme has exposed approximately 5,000 websites to malware injection, allowing attackers to inject...
Webflow Security Patch Released to Fix Critical Flaw Affecting Latest Versions
While no critical security flaw with that specific headline has been publicly disclosed for Webflow's latest versions, the platform has been actively...
FBI Warns Webflow Site Owners About Active Exploitation of CVE-2026-12.5
No credible evidence exists of an FBI warning targeting Webflow site owners regarding a vulnerability designated "CVE-2026-12.
Webflow Sites Hit by Massive Botnet Attack Targeting Yoast SEO Specific Vulnerability
Webflow sites using Yoast SEO have become targets for a coordinated botnet attack exploiting a specific vulnerability in the popular SEO plugin.