Skip to main content

Tag: content management systems

7 articles

Vulnerable WordPress site setup with laptop, router, and modem on a minimalist desk.

WordPress Sites Targeted as Public Exploits Emerge for wp2shell Flaws

A critical vulnerability in WordPress Core, dubbed "wp2shell," has been discovered, allowing hackers to remotely execute code on affected sites - putting your online presence at risk if you haven't updated yet. Immediate action is urged for site operators to protect against this high-severity threat.

Analyst 207
Small business office with computers and router, showing vulnerability through a large window overlooking a generic…

Australian Cyber Agency Warns of Global CMS Exploitation Campaign

Beware: a large-scale cyber attack is targeting content management systems worldwide, including in Australia, putting many small- to medium-sized businesses at risk of service disruption, credential theft, and malware installation. The Australian Cyber Security Centre warns that this global campaign is actively scanning for vulnerabilities and compromising websites.

Analyst 207
Laptop screen displays a blurred CMS interface with a cityscape background.

Ghost CMS Flaw Exploited to Hijack Over 700 Sites in ClickFix Attacks

Over 700 websites were hijacked in a massive campaign that exploited a critical Ghost CMS vulnerability, turning legitimate pages into gateways for Windows malware. This alarming attack was made possible by CVE-2026-26980, an SQL injection flaw with a near-perfect CVSS score of 9.4.

Analyst 207
Laptop screen displays website homepage amidst papers and coffee cups in a busy workspace.

Ghost CMS SQL flaw fuels large-scale ClickFix attacks

Over 700 domains were hit in a massive cyberattack that exploited a critical vulnerability in Ghost CMS, putting sensitive data at risk. The flaw, tracked as CVE-2026-26980, allowed hackers to tap into site databases and steal admin API keys.

Analyst 207
Developer urgently working on laptop with clock nearby, surrounded by notes.

Drupal Warns of Highly Critical Vulnerability Requiring Immediate Patch

Drupal is warning of a highly critical vulnerability that requires immediate attention, urging site operators to clear their calendars for a crucial patch rollout on Wednesday, May 20, between 1700 and 2100 UTC. Exploits could be developed within hours or days, making swift action essential to protect your site.

Analyst 207
Laptop screen displays warning message amidst office workspace.

Drupal Users Face Urgent Patch Deadline

Drupal users, take note: a highly critical core patch is coming and it's essential to act fast to secure your site. Get ready to install the update ASAP to avoid potential risks.

Analyst 207
Developer prepares for software update in workspace with notes and calendar marking May 20, 2026.

Drupal Warns of Imminent Core Security Updates, Urges Site Prep

Drupal is warning site owners to prepare for imminent core security updates, urging them to reserve time on May 20, 2026, between 5-9 p.m. UTC, to apply crucial patches and protect against potential exploits. Don't miss this window to safeguard your site and stay ahead of potential threats!

Analyst 207