Ghost CMS flaw hijacked to target hundreds of websites with ClickFix attacks — here's how to stay safe
A critical SQL injection vulnerability in Ghost CMS is being exploited in a large ClickFix campaign. Over 700 domains, including major universities and tech firms, have been compromised to deliver malware. Administrators are urged to upgrade to the latest version of Ghost CMS and monitor their systems for potential breaches.
- The vulnerability, tracked as CVE-2026-26980, has a severity score of 9.4 and affects Ghost CMS versions 3.24.0 through 6.19.0.
- Compromised domains include Harvard University, Oxford University, and DuckDuckGo, among others.
- The ClickFix scam tricks victims into believing they have a problem and deploys malware as a supposed solution.
By Sead Fadilpašić, published 26 May 2026
A critical-level flaw in a popular CMS is being leveraged
- Researchers warn CVE-2026-26980, a critical SQL injection flaw in Ghost CMS (score 9.4), is being exploited in a large ClickFix campaign
- Over 700 domains, including Harvard, Oxford, DuckDuckGo, and major AI/SaaS firms, were…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.