The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Anger grows after China's deadliest coal mining disaster in years

Anger is growing over alleged safety violations in the wake of China's worst mining disaster in more than 15 years. At least ...

Charlton promoted to WSL after win against Leicester on penalties

Follow live text commentary, score updates and match stats from Charlton Athletic vs Leicester City in the WSL/WSL2 Promotion ...