OptinMonster Plugin Compromised in Supply-Chain Attack

A critical security breach has hit the popular OptinMonster plugin, used by over 1.2 million websites, which delivered malicious JavaScript to unsuspecting users via a compromised content distribution network. The attack, detected by ecommerce security firm Sansec, injected harmful code into websites for a brief but perilous window…

https://osintsights.com/optinmonster-plugin-compromised-in-supply-chain-attack?utm_source=mastodon&utm_medium=social

#SupplyChain #PluginCompromise #CdnCompromise #JavascriptMalware #EmergingThreats

PureLogs Infostealer Exploits Purchase Order Phishing Lures

Beware of purchase order phishing scams that can deliver a powerful infostealer, capable of stealing sensitive credentials and cryptocurrency keys, via a simple yet cleverly disguised email with a malicious RAR attachment. Even security software can be fooled, as one campaign was only flagged as a threat after it was already…

https://osintsights.com/purelogs-infostealer-exploits-purchase-order-phishing-lures?utm_source=mastodon&utm_medium=social

#PurchaseOrderPhishing #Infostealer #FilelessMalware #JavascriptMalware #RarArchive