Ghost CMS flaw hijacked to target hundreds of websites with ClickFix attacks

A critical-level flaw in a popular CMS, patched months ago, is now being abused.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...