Bleeping Computer

Smart Slider updates hijacked to push malicious WordPress, Joomla versions

Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. The developer says that only the Pro version ...
Hosted on MSN

Top WordPress slider plugin hijacked to spread malware — here's what to look out for

Smart Slider 3 plugin update compromised with backdoors Malicious version 3.5.1.35 pushed to 800,000+ sites Nextendweb urges rollback or upgrade to clean release If you are using the Smart Slider 3 ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker bought 30+ WordPress plugins (Essential Plugin portfolio) on Flippa for six figures, planted a PHP deserialization backdoor in August 2025, then activated it eight months later to serve ...
TechRadar

WordPress websites under attack — expert report says dozens of plugins hijacked to target thousands of sites

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Malicious actor bought 31 WordPress plugins from Essential Plugin Updates injected backdoors, ...