Industry stats Updated Jun 2026All domains worldwide 392.5M registered names +6.5% YoY Verisign · Q1 2026.com + .net total 176.1M names in zone Verisign · Q1 2026.com + .net 11.5M newly registered · 76.3% renewed Verisign · Q1 2026Country-code TLDs 146.3M names +2.4% YoY Verisign · Q1 2026New gTLDs 49.6M names · 30.9% renewed +3.7% QoQ Verisign · Q1 2026Legacy gTLDs 20.5M names · 67.6% renewed +14.6% YoY Verisign · Q1 2026WordPress 41.5% of all sites · 59.3% of CMS sites W3Techs · 17 Jun 2026Shopify 5.2% of all sites · 7.5% of CMS sites W3Techs · 17 Jun 2026Wix 4.3% of all sites · 6.1% of CMS sites W3Techs · 17 Jun 2026Squarespace 2.5% of all sites · 3.5% of CMS sites W3Techs · 17 Jun 2026Joomla 1.2% of all sites · 1.7% of CMS sites W3Techs · 17 Jun 2026Webflow 0.9% of all sites · 1.2% of CMS sites W3Techs · 17 Jun 2026Drupal 0.7% of all sites · 1% of CMS sites W3Techs · 17 Jun 2026No CMS detected 30% of all sites W3Techs · 17 Jun 2026Nginx on 33%–39% of sites W3Techs · Mar–Apr 2026Apache on 24%–29% of sites W3Techs · Mar–Apr 2026LiteSpeed gaining share among web servers W3Techs · Mar–Apr 2026DMARC adoption 937.9K valid records +79% in 3 yrs EasyDMARC · 2026 YTDFortune 500 95% publish DMARC · 80% enforced EasyDMARCFortune 500 62.7% use strict reject policy EasyDMARCInc. 5000 15.2% use strict reject policy EasyDMARCDeal CVC Capital Partners → Namecheap · CVC Capital Partners acquired a majority stake in Namecheap in September 2025, valuing the company at ~$1.5B (including debt). 2025Deal team.blue (Hg-backed) → Loopia Group · team.blue (Hg-backed) acquired Loopia Group (Nordics) in 2025. 2025Deal Miss Group (Perwyn-backed) → Web4U s.r.o. · Perwyn-backed Miss Group acquired Web4U s.r.o. (Prague-based web hosting and domain registration provider) in 2025. This is Miss Group’s 14th acquisition under Perwyn ownership. 2025Deal group.one → Webglobe · group.one acquired Webglobe (Slovakia/Czechia/Serbia) in 2025. 2025Deal hosting.com → FastComet, A2 Hosting · hosting.com (formerly World Host Group) acquired FastComet in April 2025 and A2 Hosting in January 2025, rebranding A2 Hosting under the hosting.com name. 2025Industry stats Updated Jun 2026All domains worldwide 392.5M registered names +6.5% YoY Verisign · Q1 2026.com + .net total 176.1M names in zone Verisign · Q1 2026.com + .net 11.5M newly registered · 76.3% renewed Verisign · Q1 2026Country-code TLDs 146.3M names +2.4% YoY Verisign · Q1 2026New gTLDs 49.6M names · 30.9% renewed +3.7% QoQ Verisign · Q1 2026Legacy gTLDs 20.5M names · 67.6% renewed +14.6% YoY Verisign · Q1 2026WordPress 41.5% of all sites · 59.3% of CMS sites W3Techs · 17 Jun 2026Shopify 5.2% of all sites · 7.5% of CMS sites W3Techs · 17 Jun 2026Wix 4.3% of all sites · 6.1% of CMS sites W3Techs · 17 Jun 2026Squarespace 2.5% of all sites · 3.5% of CMS sites W3Techs · 17 Jun 2026Joomla 1.2% of all sites · 1.7% of CMS sites W3Techs · 17 Jun 2026Webflow 0.9% of all sites · 1.2% of CMS sites W3Techs · 17 Jun 2026Drupal 0.7% of all sites · 1% of CMS sites W3Techs · 17 Jun 2026No CMS detected 30% of all sites W3Techs · 17 Jun 2026Nginx on 33%–39% of sites W3Techs · Mar–Apr 2026Apache on 24%–29% of sites W3Techs · Mar–Apr 2026LiteSpeed gaining share among web servers W3Techs · Mar–Apr 2026DMARC adoption 937.9K valid records +79% in 3 yrs EasyDMARC · 2026 YTDFortune 500 95% publish DMARC · 80% enforced EasyDMARCFortune 500 62.7% use strict reject policy EasyDMARCInc. 5000 15.2% use strict reject policy EasyDMARCDeal CVC Capital Partners → Namecheap · CVC Capital Partners acquired a majority stake in Namecheap in September 2025, valuing the company at ~$1.5B (including debt). 2025Deal team.blue (Hg-backed) → Loopia Group · team.blue (Hg-backed) acquired Loopia Group (Nordics) in 2025. 2025Deal Miss Group (Perwyn-backed) → Web4U s.r.o. · Perwyn-backed Miss Group acquired Web4U s.r.o. (Prague-based web hosting and domain registration provider) in 2025. This is Miss Group’s 14th acquisition under Perwyn ownership. 2025Deal group.one → Webglobe · group.one acquired Webglobe (Slovakia/Czechia/Serbia) in 2025. 2025Deal hosting.com → FastComet, A2 Hosting · hosting.com (formerly World Host Group) acquired FastComet in April 2025 and A2 Hosting in January 2025, rebranding A2 Hosting under the hosting.com name. 2025

# · Topic

plugin security

2 stories tagged with this topic.

Security

ShapedPlugin supply-chain breach infects WordPress plugins

ShapedPlugin's build system was breached in late May 2026, allowing attackers to push malicious updates for three premium plugins. The malware stole credentials, installed hidden backdoors, and exfiltrated WooCommerce order data from infected sites.

18 Jun 2026 · 4 min

Security

CISA mandates patch for exploited Joomla plugin flaw

CISA has ordered federal agencies to patch a maximum-severity vulnerability in the Widget Factory Joomla Content Editor (JCE) plugin, tracked as CVE-2026-48907, which is being actively exploited. The flaw allows unauthenticated attackers to execute code on Joomla sites using the plugin.

17 Jun 2026 · 4 min