Smart Slider updates hijacked to push malicious WordPress, Joomla versions

Hackers successfully compromised the update mechanism for Smart Slider 3 Pro, a popular plugin for WordPress and Joomla platforms. The attackers injected multiple backdoors into the plugin, which were then distributed to all users who installed updates during the compromise window. This supply chain attack is particularly dangerous because the malicious code was delivered through legitimate update channels, bypassing normal security controls. Organizations using this plugin should immediately audit their installations, review access logs, and consider reinstalling clean versions. The backdoors likely enable persistent remote access, data exfiltration, and potential lateral movement within affected networks. Users who自动 updated should treat their environments as potentially compromised and conduct thorough forensic analysis.

Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. [...]

Hackers successfully compromised the update mechanism for Smart Slider 3 Pro, a popular plugin for WordPress and Joomla platforms. The attackers injected multiple backdoors into the plugin, which were then distributed to all users who installed updates during the compromise window. This supply chain attack is particularly dangerous because the malicious code was delivered through legitimate update channels, bypassing normal security controls. Organizations using this plugin should immediately audit their installations, review access logs, and consider reinstalling clean versions. The backdoors likely enable persistent remote access, data exfiltration, and potential lateral movement within affected networks. Users who自动 updated should treat their environments as potentially compromised and conduct thorough forensic analysis. Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. [...] Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. [...]