Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Attackers compromised JavaScript files used by three popular WordPress plugins (PushEngage, OptinMonster, and TrustPulse), injecting malicious code that created unauthorized admin accounts and installed hidden backdoor plugins when site administrators were logged in. The attack specifically targeted authenticated administrators while leaving ordinary site visitors unaffected, demonstrating a sophi

An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites. When a site administrator was logged in as the file loaded, the code created an admin account under the attacker's control and installed a hidden plugin that opened a way back in. Ordinary visitors did not trigger it

Originally published at thehackernews.com

#Backdoor-Malware #Cybersecurity #Malware #Supply-Chain-Attack #Vulnerabilities #Web Application Security #WordPress Security

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Talk to an architect about applying this to your stack.

More from the journal

US Cracks Down on Anthropic AI Models Amid Abuse Concerns

The Onboarding Password Mistake That Creates Unnecessary Risk

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic