cybercrime.clubhttps://cybercrime.club/tags/clickfix/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usMon, 25 May 2026 23:09:09 -0400Ghost CMS CVE-2026-26980: Unauthenticated SQL Injection Powers a 700-Site ClickFix Campaignhttps://cybercrime.club/posts/ghost-cms-cve-2026-26980-content-api-sqli-clickfix/Mon, 25 May 2026 23:09:09 -0400https://cybercrime.club/posts/ghost-cms-cve-2026-26980-content-api-sqli-clickfix/CVE-2026-26980 is a CVSS 9.4 unauthenticated SQL injection in Ghost's Content API. A patch shipped in February; attackers have since industrialized it into an automated campaign that has hijacked 700+ sites — including Harvard, Oxford, and DuckDuckGo — to serve ClickFix malware.vulnerabilities