Breaking News: A critical vulnerability identified as CVE-2024-5756 with a CVSS score of 9.8 has been discovered in the Icegram Express plugin, putting 90,000 WordPress sites at risk. Additionally, a widespread supply-chain attack has compromised multiple WordPress plugins, affecting as many as 36,000 sites. Hackers have backdoored these plugins to create rogue admin accounts. Users are advised to inspect their sites, remove any suspicious admin accounts, and update the affected plugins to mitigate the risk.