Update-server compromise incidents
2 confirmed incidents involving the update-server-compromise technique.
- containedhigh
OptinMonster WordPress plugin hacked in CDN supply-chain attack
OptinMonster, TrustPulse, and PushEngage WordPress plugins were compromised in a supply-chain attack targeting Awesome Motive's content distribution network (CDN). The compromise affected plugin distribution and delivery to end users.
Container registryOtherUpdate-server compromise - containedhigh
Hola Browser for Windows compromised to deliver cryptominer
The Windows version of Hola Browser was compromised in a supply chain attack that delivered an undeclared cryptocurrency miner executable to users. The compromise affected the browser's distribution or update mechanism.
OtherCompromised packageUpdate-server compromise