Ars Technica

Supply chain attack used legitimate WordPress add-ons to backdoor sites

Dozens of legitimate WordPress add-ons downloaded from their original sources have been found backdoored through a supply chain attack, researchers said. The backdoor has been found on “quite a few” ...
Bleeping Computer

Over 90 WordPress themes, plugins backdoored in supply chain attack

A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites. In total, threat actors compromised 40 themes and 53 ...
Ars Technica

Supply chain attack used legitimate WordPress add-ons to backdoor sites

If your site is using add-ons downloaded from AccessPress Themes, it may be infected. If you HAVE to run WordPress, just host it with Automattic. They curate and inspect all the plugins and if this ...