Ghost CMS flaw hijacked to target hundreds of websites with ClickFix attacks

A critical-level flaw in a popular CMS, patched months ago, is now being abused.
Infosecurity-magazine.com

GambleForce Group Targets Websites With SQL Injection

Security researchers have warned of a new threat group targeting gambling, government, retail and travel websites to steal sensitive information including user credentials. Group-IB named the threat ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
Dark Reading

Report: More Than 500,000 Websites Hit By New Form Of SQL Injection In '08

A new flavor of an old-school Web attack was responsible for compromising more than 500,000 Websites last year. An automated form of SQL injection using botnets emerged as the popular method of ...
eWeek

Hacker Hits British Navy Website with SQL Injection Attack

AI thrives on data but feeding it the right data is harder than it seems. As enterprises scale their AI initiatives, they face the challenge of managing diverse data pipelines, ensuring proximity to ...
Dark Reading

GhostShell Haunts Websites With SQL Injection

A hacker gang claims to have leaked more than a million user accounts from some 100 websites worldwide, and its weapon of choice appears to mainly be good ol' SQL injection. The GhostShell gang on ...