Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites

Dozens of WordPress plugins were allegedly hijacked to push malware after they were sold to a new corporate owner.
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

Popular WordPress plugins backdoored after ownership change, putting thousands of websites at risk

A popular brand of WordPress plugins was recently weaponized to download and spread malicious code. The new, potentially ...

Hackers exploit critical flaw in Ninja Forms WordPress plugin

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files ...

Why Developers Are Adding the Open-Source Superpowers Plugin to Claude Code

Learn how the free Superpowers plugin improves Claude Code by adding a structured 5-phase workflow that reduces token usage ...

A Claude code plugin in an afternoon: What I learned

Plugins for AI coding tools sound like complex infrastructure. In practice, Markdown files and an HTTP API are sufficient.