AMI A.I CyberSecurity Scoring
AMI
Company Information
Website:https://awesomemotive.com
Employees number:254
Number of followers:24,063
NAICS:5112
Industry Type:Software Development
Homepage:awesomemotive.com
AMI Risk Score (AI oriented)
Between 700 and 749
AMISoftware Development
Updated:
16/06/2026
16/06/2026
736/1000
Moderate
Ba
AMI Global Score (TPRM)
xxxx
AMISoftware Development
Score locked

AMIModerate
Current Score
736Ba (MODERATE)
01000
1 incidents
-18 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
736
JUNE 2026
754
Cyber Attack
16 Jun 2026 • AMI
PushEngage, OptinMonster, TrustPulse and Awesome Motive: OptinMonster Plugin Hack Exposes 1.2 Million WordPress Sites to Cyberattack
Massive WordPress Supply Chain Attack Exposes 1.2 Million Sites
736
CRITICAL-18
AWESAN1781598286
Massive WordPress Supply Chain Attack Exposes 1.2 Million Sites
Security researchers at Sansec uncovered a large-scale supply chain attack targeting widely used WordPress plugins, exposing over 1.2 million websites to potential compromise. The campaign, active in recent weeks, involved malicious code injected into JavaScript files distributed via Awesome Motive’s CDN, affecting plugins like OptinMonster, TrustPulse, and PushEngage with OptinMonster alone installed on over one million sites.
Instead of directly breaching individual websites, attackers compromised upstream files hosted on Awesome Motive’s infrastructure. When loaded, the malware executed stealthily, activating only during authenticated WordPress admin sessions to evade detection. The payload gathered site metadata and authentication tokens, then attempted to create unauthorized admin accounts including a fixed account named developer_api1 and randomized accounts following the dev_xxxxxx pattern.
The malware established persistence by installing a hidden backdoor plugin, disguised as tools like "Content Delivery Helper" or "Database Optimizer", which evaded WordPress dashboards, API responses, and logs. It enabled full remote control, allowing arbitrary command execution via crafted requests. Stolen data was encrypted and sent to a command-and-control server at tidio[.]cc (84.201.6.54), a domain mimicking a legitimate service.
Awesome Motive attributed the breach to a vulnerability in the UpdraftPlus plugin, which attackers exploited to access a marketing server, retrieve a CDN API key, and inject malicious code. The company has since removed the scripts, rotated credentials, purged CDN caches, and migrated affected systems. Patchstack reported blocking hundreds of exploitation attempts, confirming active abuse of the backdoor.
Administrators are advised to audit for rogue admin accounts, scan for hidden plugins, and rotate credentials if an admin session occurred during the attack window. The incident underscores the escalating risk of supply chain attacks in the WordPress ecosystem, where a single compromised vendor can impact millions of sites.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MAY 2026
754
APRIL 2026
754
MARCH 2026
754
FEBRUARY 2026
754
JANUARY 2026
754
DECEMBER 2025
754
NOVEMBER 2025
754
OCTOBER 2025
754
SEPTEMBER 2025
754
AUGUST 2025
754
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for AMI ??
What was AMI's A.I Rankiteo Cyber Score in June 2026 ??
What was AMI's A.I Rankiteo Cyber Score in May 2026 ??
What was AMI's A.I Rankiteo Cyber Score in April 2026 ??
What was AMI's A.I Rankiteo Cyber Score in March 2026 ??
What was AMI's A.I Rankiteo Cyber Score in February 2026 ??
What was AMI's A.I Rankiteo Cyber Score in January 2026 ??
What was AMI's A.I Rankiteo Cyber Score in December 2025 ??
What was AMI's A.I Rankiteo Cyber Score in November 2025 ??
What was AMI's A.I Rankiteo Cyber Score in October 2025 ??
What was AMI's A.I Rankiteo Cyber Score in September 2025 ??
What was AMI's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on AMI's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with AMI ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view AMI's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?