top of page
ALL POSTS
Ghost CMS Vulnerability Exploited in Large-Scale ClickFix Campaign Affecting Hundreds of Sites
Key Findings Attackers are actively exploiting CVE-2026-26980, a patched SQL injection flaw in Ghost CMS, to compromise over 700 unpatched websites The vulnerability allows unauthorized access to admin API keys, enabling attackers to inject malicious JavaScript into published articles Compromised sites are being weaponized to deliver ClickFix attacks, tricking users into running malicious commands via fake CAPTCHA pages Affected organizations include universities, media outle
May 254 min read
JDownloader Site Compromised: Malicious Installers Distribute Python RAT Malware
Key Findings JDownloader's official website was compromised on May 6-7, allowing attackers to distribute malicious Windows and Linux installers The attack exploited an unpatched CMS vulnerability that allowed unauthorized modification of access control lists without authentication Only alternative installers were affected; macOS versions, core JAR files, and in-app updates remained secure due to separate infrastructure and cryptographic verification Users who downloaded compr
May 102 min read
bottom of page
