Remember the supply chain attack we saw in XZ-tools in the not-too-distant-past?
WordPress is now experiencing the same thing for several popular plugins.
https://arstechnica.com/security/2024/06/supply-chain-attack-on-wordpress-plugins-affects-as-many-as-36000-sites/
As I said earlier with the XZ-tools event, we are in for a wild ride when it comes to Supply Chain Attacks.