A massive cyberattack has compromised over 700 websites running Ghost CMS, including portals for prestigious universities like Harvard and Oxford. Discovered by security researchers at XLab on May 7, 2026, the campaign exploits a critical vulnerability to inject malicious JavaScript. This code powers a sophisticated “ClickFix” social engineering attack that tricks visitors into installing a […]
The post Ghost CMS Flaw Abused to Poison 700 Websites With ClickFix Malware appeared first on Cyber Security News.