New Zero Day Magento Vulnerability Lets Hackers Take Over Sites in Seconds
A critical zero-day vulnerability in Magento called PolyShell enables attackers to take over e-commerce sites without authentication, requiring no user...
Magento Plugin With 12.5 Million Installs Discovered to Have Backdoor Malware
A Magento plugin with 12.5 million installations worldwide has been found to contain a backdoor vulnerability, exposing millions of e-commerce sites to...
Critical Magento Vulnerability Affects 12.5 Million Sites – Update Required Immediately
A critical vulnerability in Magento and Adobe Commerce has created an urgent security situation affecting e-commerce stores worldwide.
Ghost Vulnerability Database Adds 23 New CVEs This Month
The Ghost Vulnerability Database has identified 23 new CVEs this month, representing a significant uptick in security issues across various software...
Researchers Find 3 Critical Flaws in Popular Contact Form 7 Plugin Used by 4.8 Million Sites
Security researchers have identified three critical vulnerabilities in Contact Form 7, one of WordPress's most widely deployed plugins with 4.
Ghost Admin Accounts Sold on Dark Web for $280 Each According to Report
Reports about dark web pricing for admin accounts have become increasingly detailed in 2025-2026, though specific claims about "$280 Ghost Admin Accounts"...
Sucuri Detects 28 Percent Rise in Ghost Hacks Targeting Contact Form 7 Plugins
Sucuri, a leading web security company, detected a 28 percent increase in ghost hacks targeting Contact Form 7 plugins in 2024 and early 2025.
Wordfence Report: 4.8 Million Ghost Sites Attacked in March 2026
While Wordfence's specific "4.8 Million Ghost Sites Attacked in March 2026" report does not appear in publicly available search results, the security...
Ghost Releases Emergency Patch After 4.8 Million Sites Found Vulnerable
Ghost, the popular headless CMS platform, released an emergency security patch after researchers discovered a critical vulnerability affecting...
How to Tell if Your Ghost Site Was Compromised in Latest March Attack
A Ghost CMS site was compromised in the March 2026 security incident if it ran any version from 3.24.0 through 6.19.