EssentialPlugin WordPress Suite Compromised, Malware Push
🔐 More than 30 plugins in the EssentialPlugin package were found to contain a backdoor that grants unauthorized access to sites. The malicious code was introduced after the project's acquisition in August 2025 but remained dormant until recently, when updates delivered a downloader that injects malware into wp-config.php. The payload selectively displayed spam to Googlebot and used an Ethereum-based C2 for evasion. WordPress.org closed the affected plugins and issued a forced update, though configuration files may still be infected.
