Tag

#Malware-Campaign

2 articles

CVE-2025-26980: Ghost CMS SQL Injection Exploited in ClickFix Campaign

A critical SQL injection vulnerability in Ghost CMS (CVE-2025-26980) is being exploited to deliver ClickFix malware through malicious JavaScript injections.

Runtime Rebel Intel

3 min read·May 24, 2026

HIGH

Supply Chain

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

A large-scale campaign on GitHub utilizes over 100 repositories to distribute BoryptGrab, an info-stealer targeting crypto wallets and browser data.

Runtime Rebel Intel

3 min read·Mar 7, 2026