On June 24th, 2024, we became aware of a supply chain attack targeting multiple WordPress plugins hosted on WordPress.org. An attacker was able to successfully compromise five WordPress.org accounts, where the developers were utilizing credentials previously found in data breaches, and commit malicious code to the plugins that would inject new administrative user accounts along …
Read More
The post 3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords appeared first on Wordfence.
This article has been indexed from Blog – Wordfence