CMS Wire

SQL Injection and Little Bobby Tables: How to Protect Your CMS

If your eyes glazed over at the recent announcement of an “SQL injection” vulnerability in WordPress, take heart. You’re not alone. SQL injection attacks are a common kind of security flaw, but are ...

Ghost CMS flaw hijacked to target hundreds of websites with ClickFix attacks — here's how to stay safe

Researchers warn CVE‑2026‑26980, a critical SQL injection flaw in Ghost CMS (score 9.4), is being exploited in a large ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
Bleeping Computer

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...
CMS Wire

SQL Server 2008 R2: Business Intelligence for Excel and SharePoint

An opportunity to speak with Sabrena McBride, Senior Product Manager for SQL Server, provided a lot of insight into what's new in R2. Some of the highlights: Among other things, SQL Server 2008 R2 is ...
Infosecurity-magazine.com

SQL Injection Flaw Found in Mossack Fonseca CMS

An anonymous hacker has pointed out an SQL injection vulnerability in the IT systems of notorious Panamanian law firm Mossack Fonseca, hinting at sub-standard IT security at the firm which likely ...
Bleeping Computer

Latest Ghost CMS news

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. A critical ...