Apr 10, 2026 • The Hacker News
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Executive Summary
Unknown threat actors compromised the update infrastructure for Smart Slider 3 Pro, a popular WordPress and Joomla slider plugin with over 800,000 active installations. The attackers injected a backdoor into version 3.5.1.35, enabling them to push malicious updates to all users through the plugin's legitimate update mechanism. This supply chain attack bypasses traditional security controls since updates appear to originate from a trusted source. Users of Smart Slider 3 Pro are advised to immediately audit their installations, verify update sources, and apply any available security patches. The full scope of the compromise and potential impact on affected websites remain under investigation by security researchers.
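As a starting point for the installation audit advised above, this added example (not code from Patchstack, Nextend or the original report) scans a WordPress plugins directory for copies of the plugin and flags the affected version. It assumes the plugin's main file declares a `Plugin Name:` header containing "Smart Slider 3 Pro"; the folder names and the sample tree are constructed.

```python
import re
import tempfile
from pathlib import Path

AFFECTED_VERSION = "3.5.1.35"        # version named in the report above
PLUGIN_NAME = "Smart Slider 3 Pro"   # assumption: text of the Plugin Name header

# WordPress takes "Plugin Name:" and "Version:" from the header comment
# found in the first 8 KB of a plugin's main PHP file.
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):\s*(.+?)\s*$", re.M | re.I)

def read_header(php_file):
    """Return the plugin header fields of one PHP file, keys lower-cased."""
    text = php_file.read_text(encoding="utf-8", errors="replace")[:8192]
    return {key.lower(): value for key, value in HEADER.findall(text)}

def audit(plugins_dir):
    """Return [(folder, version, affected)] for each Smart Slider 3 Pro copy."""
    results = []
    for php_file in sorted(Path(plugins_dir).glob("*/*.php")):
        header = read_header(php_file)
        if PLUGIN_NAME.lower() in header.get("plugin name", "").lower():
            version = header.get("version", "unknown")
            results.append((php_file.parent.name, version, version == AFFECTED_VERSION))
    return results

def build_sample(root):
    """Write a constructed plugins tree; folder names and 3.5.1.34 are made up."""
    samples = {
        "slider-pro-a": ("Smart Slider 3 Pro", "3.5.1.35"),
        "slider-pro-b": ("Smart Slider 3 Pro", "3.5.1.34"),
        "other-plugin": ("Other Plugin", "3.5.1.35"),  # same version, wrong plugin
    }
    for folder, (name, version) in samples.items():
        plugin_dir = Path(root) / folder
        plugin_dir.mkdir(parents=True)
        (plugin_dir / "main.php").write_text(
            f"<?php\n/*\n * Plugin Name: {name}\n * Version: {version}\n */\n",
            encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        for folder, version, affected in audit(root):
            print(f"{folder}: {version} {'AFFECTED' if affected else 'ok'}")
```

A flagged folder only identifies an install running the version named in the report; it marks that site as a candidate for the fuller audit, not as a confirmed compromise.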
Summary
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a popular WordPress slider plugin with more than 800,000 active installations across its free and Pro