SecurityWeek

Ghost CMS Vulnerability Exploited to Hack Over 700 Websites

Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack.
The Next Web

Most organisations still store their passwords wrong. Here is what actually works.

Credential governance matters more than credential storage. How Keeper Security handles passwords, secrets, and privileged access under one platform.
TechCentral

Threat actors don’t hack in anymore – they log in

Altron Digital Business and Microsoft unpack the cloud security challenges facing South African enterprises today.
Infosecurity Magazine

Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign

Iranian state-aligned hackers have pushed a new backdoor through a mix of career-themed phishing and, for the first time, ...

7-Eleven data breach exposes personal information of 185,000 people

The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.