Attention content creators: your WordPress plugin of choice may have been compromised

Don't blog without the proper protections in place, folks.
Cybernews

WordPress plugins taken offline after a developer found 30 injected with malicious code

Dozens of WordPress plugins have been compromised by an unknown actor who planted backdoors in popular add-ons after buying ...
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...
The Verge

WordPress.org’s latest move involves taking control of a WP Engine plugin

WordPress.org has taken over a popular WP Engine plugin in order “to remove commercial upsells and fix a security problem,” WordPress cofounder and Automattic CEO Matt Mullenweg announced today. This ...