OptinMonster WordPress plugin hacked in CDN supply-chain attack

Monday, June 15, 2026 at 05:37 PM UTC·Source: BleepingComputer

Updated: Monday, June 15, 2026 at 06:01 PM UTC

Executive Summary

WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN). [...]

Analysis

WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN). [...]

Source Attribution

Originally published by BleepingComputer on Jun 15, 2026.

Related Threats

MEDIUMSupply Chain

Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages

Arch Linux suspended account registrations in response to the wave of malicious packages being uploaded to AUR. The post Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages appeared first on SecurityWeek .

13h agoSecurityWeek

CRITICALSupply Chain

Cisco patches SD-WAN flaw amid evidence of active exploitation

Cisco has released fixes for a vulnerability in its Catalyst SD-WAN Manager software after becoming aware of limited exploitation of the flaw, which could allow an authenticated attacker to create or overwrite files that may later be used to gain root privileges. The vulnerability, tracked as CVE-2026 – 20262 , affects the web interface of Cisco Catalyst SD-WAN Manager, formerly known as SD-WAN vM

14h agoCSO Online

MEDIUMSupply Chain

Software Dependency Cooldowns Are a Symptom, Not a Strategy

<div class="hs-featured-image-wrapper"> <a href="https://www.sonatype.com/blog/software-dependency-cooldowns-are-a-symptom-not-a-strategy" title="" class="hs-featured-image-link"> <img src="https://www.sonatype.com/hubfs/blog_dependency_cooldown.jpg" alt="Image with triangle shape at center containing an exclamation point, signifying a notification icon. Triangle is at center of line connectors to

1d agoSonatype (Maven/npm)