Tag: website compromise
3 articles

Ghost CMS Flaw Exploited to Hijack Over 700 Sites in ClickFix Attacks
Over 700 websites were hijacked in a massive campaign that exploited a critical Ghost CMS vulnerability, turning legitimate pages into gateways for Windows malware. This alarming attack was made possible by CVE-2026-26980, an SQL injection flaw with a near-perfect CVSS score of 9.4.

JDownloader Site Compromised to Spread Python RAT Malware
A Reddit user recently raised the alarm after Microsoft Defender flagged a JDownloader download on their new PC, uncovering a sinister plot to spread Python RAT malware through the popular download manager's compromised website. The JDownloader site was hacked between May 6-7, 2026, allowing attackers to swap legitimate downloads with malicious payloads.

CPUID Website Compromised, Serves Malware via HWMonitor Downloads
For six hours, unsuspecting visitors to the CPUID website were put at risk of having their passwords stolen when malicious malware was served in place of the HWMonitor tool they were trying to download. This alarming security breach highlights the vulnerability even trusted sites can have, leaving users to wonder if their sensitive information is safe.