SEES A.I CyberSecurity Scoring
SEES
Company Information
Website:https://sansec.io/
Employees number:5
Number of followers:2,739
NAICS:513
Industry Type:Technology, Information and Internet
Homepage:sansec.io
SEES Risk Score (AI oriented)
Between 700 and 749
SEESTechnology, Information and Internet
Updated:
16/06/2026
16/06/2026
732/1000
Moderate
Ba
SEES Global Score (TPRM)
xxxx
SEESTechnology, Information and Internet
Score locked

SEESModerate
Current Score
732Ba (MODERATE)
01000
1 incidents
-32 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
732
JUNE 2026
764
Cyber Attack
16 Jun 2026 • SEES
PushEngage, OptinMonster, TrustPulse and Awesome Motive: OptinMonster Plugin Hack Exposes 1.2 Million WordPress Sites to Cyberattack
Massive WordPress Supply Chain Attack Exposes 1.2 Million Sites
732
CRITICAL-32
AWESAN1781598286
Massive WordPress Supply Chain Attack Exposes 1.2 Million Sites
Security researchers at Sansec uncovered a large-scale supply chain attack targeting widely used WordPress plugins, exposing over 1.2 million websites to potential compromise. The campaign, active in recent weeks, involved malicious code injected into JavaScript files distributed via Awesome Motive’s CDN, affecting plugins like OptinMonster, TrustPulse, and PushEngage with OptinMonster alone installed on over one million sites.
Instead of directly breaching individual websites, attackers compromised upstream files hosted on Awesome Motive’s infrastructure. When loaded, the malware executed stealthily, activating only during authenticated WordPress admin sessions to evade detection. The payload gathered site metadata and authentication tokens, then attempted to create unauthorized admin accounts including a fixed account named developer_api1 and randomized accounts following the dev_xxxxxx pattern.
The malware established persistence by installing a hidden backdoor plugin, disguised as tools like "Content Delivery Helper" or "Database Optimizer", which evaded WordPress dashboards, API responses, and logs. It enabled full remote control, allowing arbitrary command execution via crafted requests. Stolen data was encrypted and sent to a command-and-control server at tidio[.]cc (84.201.6.54), a domain mimicking a legitimate service.
Awesome Motive attributed the breach to a vulnerability in the UpdraftPlus plugin, which attackers exploited to access a marketing server, retrieve a CDN API key, and inject malicious code. The company has since removed the scripts, rotated credentials, purged CDN caches, and migrated affected systems. Patchstack reported blocking hundreds of exploitation attempts, confirming active abuse of the backdoor.
Administrators are advised to audit for rogue admin accounts, scan for hidden plugins, and rotate credentials if an admin session occurred during the attack window. The incident underscores the escalating risk of supply chain attacks in the WordPress ecosystem, where a single compromised vendor can impact millions of sites.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MAY 2026
764
APRIL 2026
764
MARCH 2026
764
FEBRUARY 2026
764
JANUARY 2026
764
DECEMBER 2025
764
NOVEMBER 2025
764
OCTOBER 2025
764
SEPTEMBER 2025
764
AUGUST 2025
764
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for SEES ??
What was SEES's A.I Rankiteo Cyber Score in June 2026 ??
What was SEES's A.I Rankiteo Cyber Score in May 2026 ??
What was SEES's A.I Rankiteo Cyber Score in April 2026 ??
What was SEES's A.I Rankiteo Cyber Score in March 2026 ??
What was SEES's A.I Rankiteo Cyber Score in February 2026 ??
What was SEES's A.I Rankiteo Cyber Score in January 2026 ??
What was SEES's A.I Rankiteo Cyber Score in December 2025 ??
What was SEES's A.I Rankiteo Cyber Score in November 2025 ??
What was SEES's A.I Rankiteo Cyber Score in October 2025 ??
What was SEES's A.I Rankiteo Cyber Score in September 2025 ??
What was SEES's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on SEES's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with SEES ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view SEES's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?