Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Receiver appointed to oversee sale of Germantown manufacturer

Preview this article 1 min A court-appointed receiver is pursuing a sale of the Germantown manufacturing business as a going ...

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
The Caledonian-Record

PureCycle and StackTeck Successfully Produce Living Hinge Cap Using PureFive® Recycled Polypropylene

PureCycle Technologies, Inc. (Nasdaq: PCT), a U.S.-based company revolutionizing plastic recycling, and StackTeck Systems Ltd., a global manufacturer of high volume injection ...

Dr. Mark Lynn embraces football at namesake stadium

Dr. Mark Lynn didn’t expect his namesake soccer stadium to become a football venue. Four games into the Louisville Kings’ ...
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...
The Caledonian-Record

Tennessee halts Tony Carruthers' execution after failing to find a vein for injection, attorney says

An attorney who was present for the planned execution of Tony Carruthers in Tennessee says it was called off after officials struggled to find a vein for an hour. Maria ...
Hackaday

This Week In Security: Ubiquiti Fixes, And FreeBSD Joins The Club You Don’t Want To Join

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...
Tech Times

WordPress 7.0 Ships AI Agent Infrastructure: API Key Theft Risk Surfaces on Launch Day

WordPress 7.0 “Armstrong,” released May 20, 2026, arrived without the real-time collaborative editing feature that had been ...
Foreign Affairs

Why a Cease-Fire Is Now a Real Possibility

The war in Ukraine has reached a turning point. Since the failure of Ukraine’s 2023 counteroffensive, Russia’s full-scale invasion settled into a predictable rhythm of summer and winter offensives, ...