Ghost CMS Vulnerability Exploited to Infect 700 Sites With ClickFix Malware
Source: Gbhackers
Published:
<p>Hackers are actively exploiting a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) to compromise websites and distribute ClickFix malware through large-scale page-poisoning attacks. The vulnerability allows attackers to extract sensitive database contents without authentication,