Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

A Aarav Mehta Published Jun 15, 2026 · 15:29 · 1 min read feedburner

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites. When a site administrator was logged in as the file loaded, the code created an admin account under the attacker's control and installed a hidden plugin that opened a way back in. Ordinary visitors did not trigger it

Source: feedburner

Aarav Mehta — Technology desk.

Comments (0)

Be the first to comment.

Join the discussion

Related

C++ Rewrite Fuels Millenium RAT's Global Infiltration, Compromising Over 62,000 Devices

Technology · 9h ago

C++ Rewrite Fuels Millenium RAT's Global Infiltration, Compromising Over 62,000 Devices

A sophisticated cyber threat known as Millenium RAT has reportedly infiltrated more than 62,000 devices across a…

By Diya Sharma cybersecuritynews

Microsoft Purges 119 Edge Extensions Hiding Stealthy 'StegoAd' Malware

Technology · 10h ago

Microsoft Purges 119 Edge Extensions Hiding Stealthy 'StegoAd' Malware

Microsoft has announced the removal of 119 malicious extensions from its Edge Add-ons store, effectively dismantling a…

By Aarav Mehta feedburner

South Korea Unveils Trillion-Dollar Strategy to Cement Semiconductor and AI Leadership

Technology · 12h ago

South Korea Unveils Trillion-Dollar Strategy to Cement Semiconductor and AI Leadership

South Korea has announced an ambitious investment plan totaling approximately $1 trillion, earmarking the colossal sum…

By Aarav Mehta BBC Technology