ACSC Issues Critical Alert on Exploited CMS Vulnerabilities

ACSC Issues Critical Alert on Exploited CMS Vulnerabilities

First seen 9 Jul 2026, 20:56 UTC CybersecuritynewsItnews.Auwww.wordfence.com 80% similarity 72.9

Article Content

Browse articles
ThreatCluster

The Australian Cyber Security Centre (ACSC) has issued a second alert in two months regarding a large-scale hacking campaign exploiting unpatched vulnerabilities in content management systems (CMS). The campaign targets 17 specific vulnerabilities, affecting websites globally, particularly those of small- to medium-sized businesses in Australia. Notably, CVE-2025-32432, a zero-day vulnerability in Craft CMS, was exploited for two months before a patch was released in April 2025. Other affected systems include various WordPress plugins like GutenKit and Hunk Companion, which were patched in 2024 but continue to see exploitation attempts. The ACSC advises administrators to check for indicators of compromise and apply available security updates immediately. The alert follows a previous warning about the ClickFix campaign, which delivered malware to compromised WordPress sites. The situation has escalated to a critical alert status due to the ongoing exploitation of these vulnerabilities.

Key Points: • ACSC warns of a critical alert on CMS vulnerabilities exploited in a large-scale campaign. • 17 vulnerabilities are targeted, including CVE-2025-32432 affecting Craft CMS. • Administrators are urged to apply patches and check for indicators of compromise.

ThreatCluster AI

Timeline

2025-04-25
CVE-2025-32432 published
A zero-day vulnerability in Craft CMS was disclosed, leading to significant exploitation.
Itnews.Au
2026-03-20
CVE-2025-32432 added to CISA KEV
CVE-2025-32432 was recognized for active exploitation, prompting heightened awareness.
Itnews.Au
2026-05-01
ClickFix campaign alert issued
ACSC issued a warning about a campaign delivering Vidar Stealer malware via compromised WordPress sites.
Itnews.Au
2026-07-09
Second ACSC alert issued
ACSC issues a second alert on CMS vulnerabilities, emphasizing ongoing exploitation of patched flaws.
Itnews.Au

Community

Browse all →