Ghost CMS Vulnerability Exploited to Hack Over 700 Websites
Summary
An unpatched vulnerability in the Ghost CMS platform has been exploited, leading to the compromise of over 700 websites. Notable victims include major universities like Harvard and Oxford, as well as DuckDuckGo. The attack highlights the ongoing risk posed by unpatched software in content management systems.
IFF Assessment
This vulnerability has been actively exploited, resulting in a widespread compromise of websites, which is detrimental to defenders.
Severity
The vulnerability likely allows for remote code execution (CVSS 9.8 - Critical) due to the broad impact and ease of exploitation against content management systems that are frequently targeted.
Defender Context
This incident underscores the critical importance of promptly patching content management systems like Ghost CMS. Defenders should prioritize monitoring for indicators of compromise related to this vulnerability and ensure all instances of Ghost CMS are updated or isolated. The widespread exploitation suggests a potential for rapid, large-scale attacks.