Skip to main content

Tag: website compromise

3 articles

Laptop screen displays a blurred CMS interface with a cityscape background.

Ghost CMS Flaw Exploited to Hijack Over 700 Sites in ClickFix Attacks

Over 700 websites were hijacked in a massive campaign that exploited a critical Ghost CMS vulnerability, turning legitimate pages into gateways for Windows malware. This alarming attack was made possible by CVE-2026-26980, an SQL injection flaw with a near-perfect CVSS score of 9.4.

Analyst 207
Laptop screen displays compromised website in home office setting.

JDownloader Site Compromised to Spread Python RAT Malware

A Reddit user recently raised the alarm after Microsoft Defender flagged a JDownloader download on their new PC, uncovering a sinister plot to spread Python RAT malware through the popular download manager's compromised website. The JDownloader site was hacked between May 6-7, 2026, allowing attackers to swap legitimate downloads with malicious payloads.

Analyst 207
Laptop screen displays warning symbol amidst dim cityscape, with distorted padlock and cascading binary code.

CPUID Website Compromised, Serves Malware via HWMonitor Downloads

For six hours, unsuspecting visitors to the CPUID website were put at risk of having their passwords stolen when malicious malware was served in place of the HWMonitor tool they were trying to download. This alarming security breach highlights the vulnerability even trusted sites can have, leaving users to wonder if their sensitive information is safe.

Analyst 207