Source: ZDNet
Summary
Multiple WordPress plugins were compromised after being sold to a new company, resulting in the spread of malware. According to reports, the plugins were modified to include malicious code, affecting numerous websites. The incident has raised concerns about the security of WordPress plugins and the potential risks associated with changes in ownership. An investigation is underway to determine the extent of the issue. The affected plugins have been removed from the WordPress repository.
Our Reading
The announcement sounds ambitious.
A new owner, a new business model: “Let’s add malware!” Dozens of WordPress plugins were hijacked, because what’s a sale without a few unwanted surprises? The plugins were updated with malicious code, because who needs security when you can have a quick buck? The affected plugins have been removed, but the damage is done. Because, of course, this is exactly what happens when you sell out to the highest bidder.
Author: Evan Null
