Someone purchased 30 WordPress plugins through a third-party vendor and planted identical backdoor payloads in every one of them. Same obfuscation patterns. Same C2 beaconing logic. Synchronized file modification timestamps across all versions. This was not 30 independent compromises. This was one operation. I know how this works because I've built operations like it. This is not a code review fai
Identity Continuity Failure in WordPress Plugin Supply Chain Compromise
RC·Dev.to··1 min read
D
Continue reading on Dev.to
This article was sourced from Dev.to's RSS feed. Visit the original for the complete story.