Tag: content management systems
7 articles

WordPress Sites Targeted as Public Exploits Emerge for wp2shell Flaws
A critical vulnerability in WordPress Core, dubbed "wp2shell," has been discovered, allowing hackers to remotely execute code on affected sites - putting your online presence at risk if you haven't updated yet. Immediate action is urged for site operators to protect against this high-severity threat.

Australian Cyber Agency Warns of Global CMS Exploitation Campaign
Beware: a large-scale cyber attack is targeting content management systems worldwide, including in Australia, putting many small- to medium-sized businesses at risk of service disruption, credential theft, and malware installation. The Australian Cyber Security Centre warns that this global campaign is actively scanning for vulnerabilities and compromising websites.

Ghost CMS Flaw Exploited to Hijack Over 700 Sites in ClickFix Attacks
Over 700 websites were hijacked in a massive campaign that exploited a critical Ghost CMS vulnerability, turning legitimate pages into gateways for Windows malware. This alarming attack was made possible by CVE-2026-26980, an SQL injection flaw with a near-perfect CVSS score of 9.4.

Ghost CMS SQL flaw fuels large-scale ClickFix attacks
Over 700 domains were hit in a massive cyberattack that exploited a critical vulnerability in Ghost CMS, putting sensitive data at risk. The flaw, tracked as CVE-2026-26980, allowed hackers to tap into site databases and steal admin API keys.

Drupal Warns of Highly Critical Vulnerability Requiring Immediate Patch
Drupal is warning of a highly critical vulnerability that requires immediate attention, urging site operators to clear their calendars for a crucial patch rollout on Wednesday, May 20, between 1700 and 2100 UTC. Exploits could be developed within hours or days, making swift action essential to protect your site.

Drupal Users Face Urgent Patch Deadline
Drupal users, take note: a highly critical core patch is coming and it's essential to act fast to secure your site. Get ready to install the update ASAP to avoid potential risks.

Drupal Warns of Imminent Core Security Updates, Urges Site Prep
Drupal is warning site owners to prepare for imminent core security updates, urging them to reserve time on May 20, 2026, between 5-9 p.m. UTC, to apply crucial patches and protect against potential exploits. Don't miss this window to safeguard your site and stay ahead of potential threats!