Supply chain attack via manipulated CDN conceals admin accounts and web shells on over 1.2 million WordPress websites; infections are not detectable through the standard dashboard.
Three popular WordPress plugins were abused to create attacker-controlled admin accounts and install backdoor plugins, deliberately targeting administrators as the attack vector.
A China-linked hacker group infiltrated the fundamental Linux authentication systems PAM and OpenSSH over many years, evading conventional detection methods.