1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Top WordPress Slider plugin hijacked to spread malware here's wh

    From TechnologyDaily@1337:1/100 to All on Fri Apr 10 11:00:27 2026
    Top WordPress Slider plugin hijacked to spread malware here's what to look out for

    Date:
    Fri, 10 Apr 2026 09:57:28 +0000

    Description:
    A tainted version was pushed as an update to more than 800,000 active websites.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter Smart Slider 3 plugin update compromised with backdoors Malicious version 3.5.1.35 pushed to 800,000+ sites Nextendweb
    urges rollback or upgrade to clean release If you are using the Smart Slider
    3 plugin for either WordPress or Joomla, make sure to update immediately, as experts have warned the tool was recently abused to distribute malware.

    Nextendweb, the maintainers of Smart Slider 3, recently published a new security advisory, saying that on around April 7, 2026, unidentified threat actors broke into the system used for distributing patches, tainting the Pro version of the plugin with multiple backdoors and persistence layers, before pushing the poisoned version as an update to more than 800,000 websites. An unknown number of websites likely installed the compromised version 3.5.1.35, before the developers spotted the attack and released a clean version - 3.5.1.36. Users are now urged to upgrade to this, or roll back to version 3.5.1.34. Article continues below You may like Around 500,000 WordPress websites could be at risk from crucial plugin security flaw 50,000 WordPress site affected in major plugin security flaw - here's how to stay safe More than 40,000 WordPress sites affected by new malware flaw - find out if you're affected Rolling back the updates If you have an available backup point, we strongly recommend rolling back your server to a backup created before
    version 3.5.1.35, the advisory reads.

    The compromised update was released by the attacker on April 7, 2026. Due to time zone differences, it is safest to restore from a backup dated April 5, 2026 or earlier.

    Nextendweb says the malicious plugin version includes multiple backdoors
    which allow threat actors to execute system commands remotely (via HTTP headers) or execute arbitrary PHP code via hidden request parameters. The backdoors also create a hidden admin user and hide it from the admin interface. Persistent backdoors were found in these locations:

    wp-content/mu-plugins/object-cache-helper.php Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me
    with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    theme functions.php

    wp-includes/class-wp-locale-helper.php

    Finally, the backdoor can send site and credential data to an external server which is why, Nextendweb says, affected sites should be considered fully compromised. What to read next This Premium WordPress plugin and theme have been compromised here's how to check your website hasn't been infected Another worrying WordPress plugin security flaw could put 250,000 websites at risk Hackers exploit WordPress plugin security flaw exposing 40,000 websites to complete takeover risk - here's how to stay safe

    Besides rolling back the update, there is a number of steps website admins should use to make sure their assets are cleaned, which can be found on this link .

    Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/top-wordpress-slider-plugin-hijacked-to -spread-malware-heres-what-to-look-out-for


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)