The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

A Claude code plugin in an afternoon: What I learned

Plugins for AI coding tools sound like complex infrastructure. In practice, Markdown files and an HTTP API are sufficient.
The Hacker News

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.
TechJuice

Over 20,000 WordPress Websites Infected by Malicious Plugins in Supply Chain Attack

More than 20,000 WordPress sites were compromised after malicious plugins with hidden backdoors spread harmful code, raising ...

Etherpad 2.7.0: Collaborative web editor without cloud dependency

Etherpad is a self-hostable web editor written in Node.js for real-time collaborative writing – functionally comparable to ...
XDA Developers on MSN

I uninstalled these 4 Obsidian plugins and my vault instantly became easier to manage

Some plugins are just procrastination with extra steps ...

OpenAI unveils Workspace Agents, a successor to custom GPTs for enterprises that can plug directly into Slack, Salesforce and more

Put simply: these agents can be created and accessed from ChatGPT, but users can also add them to third-party apps like Slack ...
Decrypt

OpenAI Super App Takes Shape: Codex Gets Computer Use, Browser, and Image Gen

OpenAI's Codex desktop app now controls your Mac, runs its own browser, and generates images in a new update released today.
MUO on MSN

If you like Obsidian, you're going to love the plugin that turns it into a project manager

Plan, track, and finish projects without leaving your Obsidian vault.
SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.