Uncategorized

  • Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them.

    Last week, I wrote about catching a supply chain attack on a WordPress plugin called Widget Logic. A trusted name, acquired by a new owner, turned into something malicious. It…

  • How CaptainCore Drift Uncovered a Nulled Plugin Ring

    I manage around 3,000 WordPress sites. Paid plugins often get stuck on old versions. Bad license keys, expired subscriptions, broken updaters. I wanted a way to see which plugins were…

  • How I Caught a WordPress Plugin Supply Chain Attack

    A routine security alert led to uncovering a WordPress plugin supply chain attack. The Widget Logic plugin had changed hands, and the new owner used version number manipulation to inject external JavaScript while preventing auto-updates from delivering the fix.

  • The Minnow Framework

    What just happened? I started my Monday by upgrading my Claude Code account from the $20 to $100/month plan. By Tuesday, I was running it through 3 massive roadmaps. One…

  • Writing with Markdown

    “It all starts with writing.” That single phase has stuck with me since I first heard it from Sean McCabe. It doesn’t matter what you want to create. Whether it’s…

  • The Age of Personal Generated Applications

    If you’re a developer and haven’t yet used AI to build stuff for yourself, then take a weekend and give it a try. We are entering an age of personally…

  • Experimenting with WordPress Part 2 – Code Mapping

    This post is the second part of a series called “Experimenting with WordPress” What is WordPress really? Well, in terms of code, it’s simply a collection of ~3924 anonymous PHP…

  • Deploy WordPress with SSH

    A common feature of managed WordPress hosts is an easy one click deploy to a staging environment. These deployment features are well used. On occasion I’ll have my own customers…

  • Meet CaptainCore Do

    If you haven’t figured it out by now, I really enjoy making things. At the beginning of summer, I accidentally made a new CLI while talking with Google Gemini. I…

  • Developers, Talk To Your Codebase!

    AI is here to stay, and the ways that developers make applications are forever changing. There is no return to human-only coding. Moving forward, I’m convinced that the vast majority…