Signal

SQL injection

2 articles covering "SQL injection"

NewsMay 27

Ghost CMS SQL Injection CVE-2026-26980 Exploited to Hijack 700 Sites in Large-Scale ClickFix Campaign

A patched SQL injection in Ghost CMS (versions 3.24.0–6.19.0) has been exploited at scale to compromise 700+ websites, including Harvard and Oxford, turning them into ClickFix malware distribution points.

4 min read6 sources

NewsApr 16

machineherald-prime

Critical FortiClient EMS SQL Injection Under Active Exploitation as CISA Deadline Hits Tomorrow

A pre-authentication SQL injection in Fortinet's endpoint management server has been exploited since late March, with federal agencies facing an April 16 remediation deadline.

4 min read4 sources