SMC’s blog on ghost was compromised as part of a mass compromise of ghost blogs. This is how I cleaned it up. In February, using Claude, someone discovered an SQL injection vulnerability in Ghost. It had a score of 9.4/10. Basically, attackers could read anything in the database. Some time after that, a mass compromise was done with this vulnerability. Read Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks. I didn’t know any of this. Yesterday, I went to my FreshRSS feed reader, and read Adhavan’s Weekly Note, which had this paragraph along with many others: Aruvu has been facing a series of hacks through our websites, which later resulted in a peer’s compromised laptop. How do people keep in touch with security advisories on every single service you maintain? I wrote an email to Adhavan talking about something else from the blog, and added a PS about a post-mortem on this security incident. In the reply Adhavan wrote today, A included the details and linked…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.