• This Premium WordPress plugin and theme have been compromised he

    From TechnologyDaily@1337:1/100 to All on Tuesday, March 24, 2026 12:15:25
    This Premium WordPress plugin and theme have been compromised - here's how to check your website hasn't been infected

    Date:
    Tue, 24 Mar 2026 12:00:00 +0000

    Description:
    BuddyBoss had its update server compromised and used to push a poisoned update.

    FULL STORY
    ======================================================================

    - Ongoing cyberattack compromises BuddyBoss update system
    - Malicious updates steal admin credentials, Stripe keys, and databases
    - Hundreds of sites already hit; thousands more at risk, admins urged to disable auto-updates and rotate credentials

    A major cyberattack against websites running the BuddyBoss WordPress plugin is currently ongoing, and users are urged to secure their assets or risk complete compromise and website takeover.

    BuddyBoss is a WordPress platform and theme people can use to create online communities, membership sites, and e-learning platforms. It apparently has 50,000 customers, including 27,000 BuddyBoss Platform and BuddyBoss Theme package users. According to Cybernews, an unidentified French-speaking threat actor somehow broke into the system that delivers software updates for BuddyBoss. There, they used Claude to help write malicious code and figure out how to push it to the update server.

    Hundreds of compromised sites

    Popular AI tools such as Claude have strict guardrails that prevent this kind of abuse, but the attackers managed to trick it (likely by pretending it's a harmless hacking challenge).

    After managing to insert malware into the updates, they simply waited for users to install them, compromising their websites in the process. This attack was first spotted on March 19, it was said. The malware was designed to steal admin passwords and API keys, copy entire databases, and open a backdoor to grant remote control access.

    According to Cybernews, some of the data already stolen in the campaign includes Stripe payment keys, making this campaign particularly worrisome.

    Compromised versions are BuddyBoss Platform 2.20.3 and BuddyBoss Theme 2.19.2. All website admins using either of these are urged to temporarily disable automatic updates, revert to server backups made before updating to these versions, and then analyze their server logs for potential indicators of compromise. Finally, all passwords, API tokens, and other credentials should be rotated as soon as possible.
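
    A version check for the two releases named above, as an added example (not code from the article, BuddyBoss, or Cybernews): it reads the standard WordPress `Plugin Name` / `Theme Name` / `Version` file headers under wp-content and flags the listed versions. The header names "BuddyBoss Platform" and "BuddyBoss Theme", and the directory and file names in the constructed sample tree, are assumptions.

```python
import re
import sys
import tempfile
from pathlib import Path

# Versions the article names as compromised. The header names used as keys
# are an assumption about how the two products identify themselves.
COMPROMISED = {"BuddyBoss Platform": "2.20.3", "BuddyBoss Theme": "2.19.2"}

# WordPress header lines look like " * Plugin Name: Foo" or "Version: 1.2.3".
HEADER_RE = re.compile(
    r"^[ \t/*#@]*(Plugin Name|Theme Name|Version):[ \t]*(.+?)[ \t\r]*$", re.I | re.M)


def read_header(path):
    """Parse header fields from the first 8 KiB, which is what WordPress reads."""
    try:
        text = path.read_bytes()[:8192].decode("utf-8", "replace")
    except OSError:
        return {}
    fields = {}
    for key, value in HEADER_RE.findall(text):
        fields.setdefault(key.lower(), value)  # first occurrence wins
    return fields


def scan(wp_root):
    """Return one record per installed component whose name is in COMPROMISED."""
    root = Path(wp_root)
    files = sorted(root.glob("wp-content/plugins/*/*.php"))
    files += sorted(root.glob("wp-content/themes/*/style.css"))
    findings = []
    for path in files:
        hdr = read_header(path)
        name = hdr.get("plugin name") or hdr.get("theme name")
        if name in COMPROMISED:
            version = hdr.get("version")
            findings.append({"name": name, "version": version, "path": str(path),
                             "compromised": version == COMPROMISED[name]})
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:
        root = Path(sys.argv[1])
    else:  # no path given: build a constructed sample tree (assumed names)
        root = Path(tempfile.mkdtemp())
        d = root / "wp-content/plugins/buddyboss-platform"
        d.mkdir(parents=True)
        (d / "bp-loader.php").write_text(
            "<?php\n/**\n * Plugin Name: BuddyBoss Platform\n * Version: 2.20.3\n */\n")
    for f in scan(root):
        print("COMPROMISED VERSION" if f["compromised"] else "ok", f)
```

    Run it with the WordPress root as the only argument. A site that shows a different version now may still have run a listed version earlier, so the backup restore, log review and credential rotation described above still apply.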

    Cybernews says hundreds of websites have already been compromised, with thousands more remaining in danger. At press time, at least 309 websites have had their credentials and databases exfiltrated.

    Via Cybernews



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-premium-wordpress-plugin-and-theme-have-been-compromised-heres-how-to-check-your-website-hasnt-been-infected


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)