Security News > 2024 > June > Plugins on WordPress.org backdoored in supply chain attack
A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that create new accounts with administrative privileges on websites running them.
Although it is possible that the attack impacts a larger number of WordPress plugins, current evidence suggests that the compromise is limited to the aforementioned set of five.
The malicious code in the infected plugins attempts to create new admin accounts and inject SEO spam into the compromised website.
"If you have any of these plugins installed, you should consider your installation compromised and immediately go into incident response mode." - Wordfence.
JAVS courtroom recording software backdoored in supply chain attack.
Polyfill.io JavaScript supply chain attack impacts over 100K sites.
News URL
Related news
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- Ultralytics Supply-Chain Attack (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)