On May 14, 2026, security researchers at Zscaler ThreatLabz uncovered a significant supply chain attack targeting the Okendo Reviews widget. Threat actors known as SmartApeSG successfully injected malicious JavaScript into this popular e-commerce plugin, potentially exposing millions of online shoppers to malware. Because more than 18,000 brands use this widget on highly visible storefronts and […]
The post Hackers Inject Malicious JavaScript Into Okendo Reviews Widget to Target E-Commerce Sites appeared first on Cyber Security News.