Attackers compromised the OptinMonster WordPress plugin and two related plugins through a supply-chain attack targeting their content delivery network, potentially exposing websites that use these plugins to malicious code injection and credential theft.
Read the full article: https://www.bleepingcomputer.com/news/security/optinmonster-wordpress-plugin-hacked-in-cdn-supply-chain-attack/