Ghost CMS Vulnerability Exploited to Hack Over 700 Websites

Source: Oodaloop

Published:

<p>A recently patched SQL injection flaw in Ghost CMS has been exploited in mass attacks against unpatched sites. Threat actors stole Admin API keys and injected malicious JavaScript into articles, enabling large‑scale ClickFix attacks. More than 700 websites including those of Harvard, Oxford, and

Read original article