A widespread supply-chain attack has compromised multiple WordPress plugins, affecting as many as 36,000 sites. Hackers have exploited these plugins to create rogue admin accounts, posing significant cybersecurity risks. Additionally, over 110,000 websites using Polyfill.io code have been impacted by a separate supply chain attack. Users are advised to remove Polyfill.io code immediately to mitigate risks. The cybersecurity community is on high alert as these attacks, reported on June 24, June 25, and June 26, highlight vulnerabilities in widely-used web technologies.