{"uuid": "bb2158d6-b027-416f-a4a2-1a366673791a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mmqm3dsk4c2g", "content": "Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks\n\nThreat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.\n\nAccording to QiAnXin XLab, the activity in\u2026\n#hackernews #news", "creation_timestamp": "2026-05-26T08:45:00.849279Z"}