Blog
-
Anatomy of a WordPress.org supply-chain attack: the six ways in
Six ways an attacker turns a trusted WordPress.org plugin into a foothold on your site, each drawn from a real campaign I have traced, with the code that made it work. Plus the one method you cannot scan for, and what actually catches all of them.
-
The hall of shame for WordPress admin notices
I have wanted a public database of WordPress admin notices for years. Every WordPress professional knows the feeling. You log into /wp-admin/ to do one small thing, and the top…
-
From a 7 KB file to a 13-year backdoor operation
Most plugin closures are uneventful. A developer stops responding, wp.org pulls the plugin, the listing goes dark, and that is the end of it. My WP Beacon scanner flags these…
-
Gravity SMTP Exploit Campaign
The last few weeks have been whack-a-mole with my Mailgun account. My Mailgun account kept getting locked. I would clear a compliance issue, watch everything come back online, and a…