{"uuid": "b144f4cc-3828-40c1-b45c-899263c87c80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mmmrp4jeup2s", "content": "Over 700 Ghost CMS sites, from Harvard to tech blogs, are now pushing malware via the \"ClickFix\" SQL injection campaign. If you run Ghost CMS and haven't patched CVE-2026-26980, your site is a trap.\n\nhttps://www.tpp.blog/22syy9o\n\n#cybersecurity #ghostcms #clickfix", "creation_timestamp": "2026-05-24T20:14:53.463104Z"}