{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreia4c5za7s6kx2d2ude6hsdmflw6wnnwbih4etdjb2gc4vidins2wq",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mmoqmrsrh4d2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreid7a7xo4l3ovzjoadl47tnxo6ewbxejsa3npae53dbzph633wes6m"
    },
    "mimeType": "image/jpeg",
    "size": 114085
  },
  "path": "/2026/05/ghost-cms-cve-2026-26980-exploited-to.html",
  "publishedAt": "2026-05-25T12:02:46.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.\n\nAccording to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost's Content API that could allow an unauthenticated attacker to read arbitrary data from the",
  "title": "Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks"
}