Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Why decades-old attacks still work, and why that should worry you

AI systems inherit decades-old security flaws many organizations still fail to address consistently.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
Morning Overview on MSN

Fortinet rushed an emergency fix after attackers turned its own FortiClient security ...

Fortinet’s FortiClient endpoint management software, meant to harden corporate and government machines, instead exposed them ...