Bleeping Computer

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

OpenAI files for U.S. IPO, following Anthropic to public markets

ChatGPT-maker OpenAI confidentially filed for a U.S. initial public offering on Monday, joining rival Anthropic in a push ...
The Caledonian-Record

Ascensia Diabetes Care Expands CONTOUR® Portfolio with CONTOUR®COMFORT Pen Needles to Bring Greater Stability and Control to the Everyday Injection Experie…

Ascensia Diabetes Care, a global diabetes care company and subsidiary of PHC Holdings Corporation (TSE 6523), today announced ...

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

Ottawa to direct CRTC to scrap demands for streamers to fund local news, niche broadcasters

The move would roll back the implementation of the Online Streaming Act, which has become an irritant in U.S. trade talks ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Receiver appointed to oversee sale of Germantown manufacturer

Preview this article 1 min A court-appointed receiver is pursuing a sale of the Germantown manufacturing business as a going ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

Security News This Week: Crypto-Funded Chinese Peptide Labs Are Booming

Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
The Caledonian-Record

Clean Energy Begins Producing RNG at East Valley Cattle, One of the Largest Dairies in the Country

Clean Energy Fuels Corp. (NASDAQ: CLNE) has announced it has completed its eighth dairy renewable natural gas (RNG) ...