A recent supply-chain attack has targeted popular WordPress plugins, compromising over 1.2 million sites. The malware, identified by Sansec, affected JavaScript files in OptinMonster, TrustPulse, and PushEngage. Upon detection of an admin account, the malware activates, creating a rogue administrator account and installing a backdoor plugin. The attack resembles a previous incident from 2024 involving the Polyfill library. The exposure was brief, with tampered code logged for only about half an hour. Users of Awesome Motive plugins are advised to check for unauthorized admin accounts.
Supply chain hijack hits WordPress plugins, creating rogue admins
Primary Source: sansec.io
Article by CyberSIXT
Timeline Coverage
- Supply chain hijack hits WordPress plugins, creating rogue admins (www.infosecurity-magazine.com)
- Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites (thehackernews.com)
- Supply Chain Attack Hits WordPress Plugins via Awesome Motive CDN (securityaffairs.com)