Over 1 Million WordPress Sites at Risk After Popular Plugin Hacked — OptinMonster Among Those Hit in CDN Supply-Chain Attack

Over 1 million WordPress sites at risk after popular plugin hacked — OptinMonster among those hit in CDN supply-chain attack

Three popular plugins served malicious JavaScript through a compromised CDN.

SCIENCE & TECH: Over 1 million WordPress sites at risk after popular plugin hacked — OptinMonster among those hit in CDN supply-chain attack

Vulnerability in UpdraftPlus plugin on Awesome Motive’s marketing server enabled CDN compromise and malicious JavaScript injection Malware targeted logged‑in WordPress admins, harvesting tokens and creating rogue accounts for full takeover Site owners urged to check for fake admin accounts (‘developer_api1’, ‘dev_xxxxxx’), hidden backdoor plugins, and rotate credentials/security salts More than a million WordPress websites were at risk of full w…

OptinMonster WordPress plugin hacked in CDN supply-chain attack

WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN).

OptinMonster Plugin Hack Exposes 1.2 Million WordPress Sites to Cyberattack

A large-scale supply chain attack targeting widely used WordPress plugins has exposed more than 1.2 million websites to potential compromise after attackers injected malicious code into legitimate JavaScript files distributed through trusted CDN infrastructure. Security researchers at Sansec discovered an ongoing campaign targeting plugins developed by Awesome Motive, including OptinMonster, TrustPulse, and PushEngage. These plugins are installe…