Hunk Companion WordPress Plugin Exploited to Install Vulnerable Plugins

Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository.