all InfoSec News
3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords
Wordfence www.wordfence.com
On June 24th, 2024, we became aware of a supply chain attack targeting multiple WordPress plugins hosted on WordPress.org. An attacker was able to successfully compromise five WordPress.org accounts, where the developers were utilizing credentials previously found in data breaches, and commit malicious code to the plugins that would inject new administrative user accounts along ...
Read More
The post 3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords appeared first on Wordfence.
accounts attack attacker aware breaches code commit compromise compromised credentials data data breaches developer developers found june malicious org passwords plugins research supply supply chain supply chain attack targeting wordpress wordpress plugins wordpress security