84Trust
Highly Accurate
๐ Web Verified
BrianKrebsonMastodon1d ago
This discussion atop Hackernews right now about how someone bought 30 WordPress plugins and planted a backdoor in all of them has me wondering, is there a plugin that blocks plugins from being automagically updated if the plugin's ownership changes?
https://news.ycombinator.com/item?id=47755629#47756259
Trust Metrics
85
80
90
80
Claim Accuracy85%
Source Quality80%
Framing & Tone90%
Context80%
Analysis Summary
Krebs is noting a real WordPress supply chain attack (30+ plugins backdoored after acquisition) currently being discussed on HN, and asking a legitimate technical question about whether a plugin exists to prevent auto-updates when ownership changes. The underlying event is verified; his question is analytical commentary on plugin security gaps.
Claims Analysis (2)
โSomeone bought 30 WordPress plugins and planted a backdoor in all of themโ
Corroborated by TechCrunch, anchor.host, and blueheadline.com reporting on the 2026 supply chain attack involving purchased plugins with backdoors.
โThis discussion is happening on Hackernewsโ
Post links directly to HN discussion thread (item #47755629), verifiable as public thread.
Verify Yourself
Was this analysis helpful?
Try ClearFeed free โ