Attackers compromised Awesome Motive CDN files, backdooring WordPress sites running OptinMonster, TrustPulse, and PushEngage
✦ NabkaNews BriefAuto-summarized from multiple outlets · verify with the source
Attackers have compromised files on the Awesome Motive content delivery network, potentially backdooring wordpress sites that use certain plugins. The affected plugins include OptinMonster, TrustPulse, and PushEngage, with some reports suggesting over 1 million wordpress sites may be at risk. The nature and extent of the vulnerability are reported somewhat inconsistently across outlets, but it appears to involve a supply-chain attack on the plugins.
Full coverage
1234567