Tomorrow: Brow.si Webinar on Mobile Web Engagement

It’s not too late to sign up for a webinar with our Featured Partner, Brow.si about mobile web engagement and monetization. Brow.si has built a sleek mobile layer that allows publishers to increase mobile web engagement and in turn discover a new mobile web revenue stream. If you are interested in expanding your mobile web presence, this is a webinar that you won’t want to miss.

Details: Thursday, June 12, 2014 12:00 PM – 1:00 PM EDT / 9:00 AM – 10:00 AM PDT

Hope you can join us – Click here to sign up!

Please Update Your Bit.ly API Keys Immediately

Bit.ly announced an urgent security update last night and are recommending users to disconnect and re-generate their API key for security reasons.

If you’re using the Bit.ly plugin, please delete the API Key under Settings >> Bit.ly. You can reset your API-Key and oAuth token by following these steps here:

1) Log in to your Bit.ly account and click on ‘Your Settings,’ then the ‘Advanced’ tab.

2) At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’

3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.

4) Go to the ‘Profile’ tab and reset your password.

Once you’ve reset your API Key, you can enter the new Key under Settings >> Bit.ly.

Here’s more information about the Bit.ly security update on Bit.ly’s blog.

Critical Jetpack Security Update

Please note that this only affects Jetpack users and does NOT impact any sites hosted on WordPress.com.

Jetpack version 2.9.3 contains a critical security update, and you should update your Jetpack site and any you help manage as soon as possible. You can update through your dashboard, or download Jetpack manually here.

During an internal security audit, we found a bug that allows an attacker to bypass a site’s access controls and publish posts. This vulnerability could be combined with other attacks to escalate access. This bug has existed since Jetpack 1.9, released in October 2012.

Fortunately, we have no evidence of this being used in the wild. However, now that this update is public, it’s just a matter of time before exploits occur. To avoid a breach, you should update your site as soon as possible. (The vulnerability has been disclosed on the MITRE Common Vulnerabilities and Exposures system as CVE-2014-0173.)

For more information on the security update, please visit Jetpack’s blog.