WP Beacon and Beyond!

This month, Austin Ginder will share the story of how a wave of malware injections led to building WP Beacon, a public scanner that watches top plugins on wordpress.org for supply chain attacks. We'll walk through real catches from the past two months, the tools built along the way, and where it all goes next.

What we'll cover:

• The February 2026 reset — 85+ sites compromised in a few weeks
• Catching Widget Logic, a 16-year-old plugin quietly sold and weaponized
• Why version numbers lie and hashes don't
• CaptainCore Drift uncovering a five-year dormant backdoor
• WP Beacon's first live catch — Scroll To Top and its hidden update channel
• How AI made forensic-level investigation possible
• WP Registry — the next step. Audit 100% of code

Bring your questions about WordPress security, AI-assisted forensics, or anything in between.

Pizza 🍕 and introductions at 7pm. Come with your laptops and join the discussion. RSVP here or on LocalMeet.

🗒️ About our location

• Free parking in lot off of market street. See here for directions to The Candy Factory, Warehouse D.