WordPress plugin suite hacked to push malware to thousands of sites

More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

Over 20,000 WordPress Websites Infected With Malicious Plugins

Dozens of plug-ins for WordPress have been taken offline after a backdoor was discovered that allowed malicious code to be distributed to thousands of ...
Gadget Review on MSN

WordPress plugin backdoor hits 20K+ sites in supply chain attack

WordPress plugin backdoor compromises 20,000+ sites through supply chain attack using blockchain evasion tactics and ...
Bleeping Computer

Hackers abuse WordPress MU-Plugins to hide malicious code

Hackers are utilizing the WordPress mu-plugins ("Must-Use Plugins") directory to stealthily run malicious code on every page while evading detection. The technique was first observed by security ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...
Hosted on MSN

Over 30 WordPress plugins pulled after backdoor discovery

More than 30 popular WordPress plugins were removed after investigators found backdoors inserted by a new owner following a business sale. The malicious code remained dormant for months before being ...

Popular WordPress plugins backdoored after ownership change, putting thousands of websites at risk

A popular brand of WordPress plugins was recently weaponized to download and spread malicious code. The new, potentially ...