3 posts

April 17, 2026
In April 2026, WordPress.org closed 31 plugins after an attacker bought a trusted plugin portfolio on Flippa, shipped a dormant PHP deserialization backdoor, and activated it eight months later — with command-and-control resolved through an Ethereum smart contract. This post breaks down how the attack actually worked, why 96% of WordPress vulnerabilities live in plugins, and how Cloudflare's new EmDash CMS attempts to fix the architecture with capability-scoped sandboxes.

April 1, 2026
On March 31, 2026, two malicious versions of Axios — axios@1.14.1 and axios@0.30.4 — were discovered containing a precision-engineered, self-erasing supply chain attack. The RAT it dropped could silently steal your AWS credentials, API keys, and more — and npm audit reported a clean bill of health the entire time. Here's exactly how it worked.

January 1, 2024
Keycloak is an open-source identity broker: your app delegates login to a central server, gets back tokens, and never has to store passwords itself. This article walks through the login redirect flow, why that pattern is more secure, and where to go next—including Laravel integration.