
Attacker compromised 30 WordPress plugins via acquisition
Hacker News·3mo·speckx
A single actor purchased ownership of multiple WordPress plugins and injected backdoors into all of them, potentially affecting thousands of sites. This underscores a real supply-chain risk for indie WordPress developers: abandoned plugins are acquisition targets, and plugin marketplaces lack effective ownership verification.
Original story
Read the original on Hacker NewsRelated stories
AI
HYVE Ether OS goes on pre-sale: a $499 sovereign AI operating system you actually ownVibe Software Solutions·1mo·Anthony S. Owens

Devtools
The 'just say no' engineer thrived in cheap money—and is now extinctHacker News·1mo·jxmorris12
