Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages.

Italy condemn Wales to another Six Nations Wooden Spoon

Wales suffer another Six Nations clean sweep after losing to Italy, a result which extends their winless run to a record nine ...
Decrypt

Fake OpenAI Repo Hit #1 on Hugging Face—And Stole Passwords While It Trended

A fake repo impersonating the OpenAI Privacy Filter model racked up 244,000 downloads in under 18 hours before Hugging Face ...
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

WSL final day recap: Champions Man City receive trophy, Arsenal finish second

Follow build-up, team news, score and live text commentary as all 12 Women's Super League sides are in action on the final ...

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

Take Rimbaud, a new play about the futility of art, is a manifesto in every sense of the word

The play named its four characters A, B, C and M, and was, for the most part, plotless, a tangle of atmospheres and ideas ...

Is God Is review: This pulpy revenge thriller is an audacious debut

Harris announces herself as an ambitious filmmaker unafraid to wade into the blood and guts of moral complications ...