URL has been copied successfully!
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign


Tags: , , , , , ,

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows.

First seen on bleepingcomputer.com

Jump to article: www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Top 7 zero-day exploitation trends of 2024
  2. January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention
  3. LeakyLooker: Hacking Google Cloud’s Data via Dangerous Looker Studio Vulnerabilities
  4. CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild