Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

3 headlines in this view

Showing 3 most recent headlines Filtered view

The Hacker News 1 week, 2 days ago

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks

More from The Hacker News 26 May 2026, 12:02 a.m. Incident · 5 stories CVE-2026-26980 API CVE Critical Disclosure Flaw JavaScript SQL Threat Actor Unauthenticated Vulnerability

Bleeping Computer 1 week, 3 days ago

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. [...]

More from Bleeping Computer 25 May 2026, 2:12 a.m. Incident · 5 stories CVE-2026-26980 CVE Critical Flaw JavaScript SQL Vulnerability

The Hacker News 4 weeks, 1 day ago

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck

More from The Hacker News 5 May 2026, 11:56 p.m. Incident · 5 stories CVE-2026-29014 CVE Critical Flaw Open Source PHP Remote Code Execution Threat Actor Unauthenticated Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks