Australia warns of global campaign targeting vulnerable CMS platforms

Australia warns of global campaign targeting vulnerable CMS platforms
The Australian Cyber Security Centre warned of a global campaign exploiting vulnerabilities in CMS platforms and plugins to deploy webshells on vulnerable sites, with many Australian businesses already impacted. The activity targets products including WordPress, Craft CMS, MaxSite CMS, MetInfo CMS, and Joomla JCE, and may be assisted by AI to speed up large-scale exploitation. #ACSC #WordPress #CraftCMS #MaxSiteCMS #MetInfoCMS #JoomlaJCE #Webshells

Keypoints

  • The ACSC issued an alert about a global CMS exploitation campaign.
  • Many small and medium-sized Australian businesses have already been affected.
  • Attackers are deploying webshells to gain persistent access to compromised sites.
  • The campaign targets vulnerabilities in WordPress, Craft CMS, MaxSite CMS, MetInfo CMS, and Joomla JCE plugins.
  • Administrators should patch systems, remove unused components, and monitor for unauthorized changes.

Read More: https://www.bleepingcomputer.com/news/security/australia-warns-of-global-campaign-targeting-vulnerable-cms-platforms/