Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks
SQL is the language used to query databases, making injection flaws, insecure permissions, and exposed data important security risks.
Search across headline titles and summaries.
Background for this topic.
SQL is the language commonly used to query and modify relational databases, which store structured application data such as accounts, transactions, and records. In information security, SQL matters both as a core data-access technology and through vulnerabilities in the applications, database engines, and administration interfaces that use it.
SQL injection occurs when an application combines untrusted input with SQL commands, allowing an attacker—depending on the flaw and database permissions—to read, alter, or delete data or bypass application controls. Developers should use parameterized queries or prepared statements, avoid building commands through string concatenation, and apply least-privilege database accounts. Security teams should also track database and driver vulnerabilities, restrict administrative access, protect credentials, and monitor query and authentication logs. Input validation can supplement these controls but is not a reliable substitute for separating data from executable SQL.
Weekly headline count for the current query.
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending specially crafted