WordPress 5.2 is out and brings a number of functional improvements, but the great news for those who are worried about the security of their installation is the implementation of digital signing of update packages. Increased security WordPress provided the option for automatic implementation of updates back in 2013 but, until now, these updates were not digitally singed, meaning that a successful compromise of WordPress update servers would allow attackers to deliver malicious updates to all those who use the popular content management system (CMS).
Read full article on Help Net Security