Attackers abused three popular WordPress plugins to create attacker-controlled admin accounts and install backdoor plugins, deliberately targeting administrators as the attack vector.
npm blocks automatic package installation scripts by default starting with version 12, a practice that competitors like Yarn, pnpm, and Bun had already established.