OphimCMS Supply Chain Attack Delivers Trojanized jQuery via Malicious Packagist Themes

OphimCMS Supply Chain Attack Delivers Trojanized jQuery via Malicious Packagist Themes

First seen 17 Mar 2026, 13:22 UTC GbhackersCybersecuritynews 96% similarity 64.5

Article Content

Browse articles
ThreatCluster

A supply chain attack has compromised OphimCMS, a Vietnamese-language Laravel CMS, through six malicious Composer packages published on Packagist. These packages, disguised as legitimate themes, contain trojanized JavaScript assets, primarily fake jQuery libraries, aimed at redirecting site visitors to malicious sites. The attack specifically targets users of OphimCMS, which is commonly used for movie streaming websites. Researchers discovered the malicious packages under the 'ophimcms' namespace, indicating a targeted approach to exploit this particular CMS. The scope of the attack is significant as it affects any website utilizing these themes, potentially impacting a large number of users. Currently, there is no mention of a patch or remediation available for affected users. Security professionals are advised to monitor for any signs of compromise related to these packages.

Key Points: • Six malicious Composer packages targeting OphimCMS were found on Packagist. • Trojanized JavaScript assets in these packages aim to redirect site visitors. • No current patch or remediation is available for affected users.

ThreatCluster AI

Timeline

2026-03-17
Discovery of six malicious packages on Packagist
2026-03-17
Articles published detailing the OphimCMS supply chain attack

Community

Browse all →