> TritonInfoSec News
Home / Jun 16, 2026 / Story
0
#6 The Hacker News general June 15, 2026 at 09:59 UTC

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

By [email protected] (The Hacker News)

AI Summary

Attackers compromised JavaScript files distributed via the CDN of Awesome Motive, affecting WordPress plugins OptinMonster, TrustPulse, and PushEngage in a supply-chain attack. The malicious code triggered only when a logged-in administrator loaded the page, silently creating a rogue admin account and installing a persistent backdoor plugin — a stealthy, privilege-aware infection vector affecting potentially hundreds of thousands of WordPress sites.

Read full article → https://thehackernews.com/2026/06/popular-wordpres…

Relevance score: 80.0/100

# More from June 16

  1. 1
    Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw The Hacker News
  2. 2
    Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks BleepingComputer
  3. 3
    Chinese hackers breach REDCap servers, steal medical research BleepingComputer
  4. 4
    New attack turned Microsoft 365 Copilot into 1-click data theft tool BleepingComputer
  5. 5
    FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service SecurityWeek
  6. 7
    French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker SecurityWeek
  7. 8
    Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges SecurityWeek
  8. 9
    Infinite Campus data breach affects 137,000 school staff accounts BleepingComputer
  9. 10
    Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer SecurityWeek