SECURITYBLEEPING COMPUTER
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code, enabling ClickFix attack flows. The flaw allows attackers to execute arbitrary SQL commands and compromise affected websites.
Mentioned
Related Signal
Adjacent reporting
- Drupal: Critical SQL injection flaw now targeted in attacks
- Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
- LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
- Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
- April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
- Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks