Close Menu
    What's Hot

    Johan Manzambi: Newcastle set to lose Switzerland World Cup hero to Aston Villa – becoming 10th player to turn Magpies down in two years | Football News

    Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

    A Murder Mystery Evening at Audrey Gelman’s Guesthouse

    Facebook X (Twitter) Instagram
    Trending
    • Johan Manzambi: Newcastle set to lose Switzerland World Cup hero to Aston Villa – becoming 10th player to turn Magpies down in two years | Football News
    • Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365
    • A Murder Mystery Evening at Audrey Gelman’s Guesthouse
    • Opinion | “The Decline and Fall of the Roman Empire” Isn’t Saying What You Think It Is
    • Opinion | What the Fight With Anthropic Reveals About Free Speech in America
    • Asia’s capital surplus favours the safest winners
    • Speeding up digital finance shift ‘could deliver £33bn boost’ to UK economy
    • In Iran, Pezeshkian will be the scapegoat for the failed MoU | US-Israel war on Iran
    interluknewsinterluknews
    • Home
    • Business
      • Corporate News
      • Industry Insights
      • Startups & Entrepreneurship
      • Technology & Innovation
    • Economy
      • Economic Policy
      • Financial Analysis
      • Inflation & Interest Rates
      • Trade & Markets
    • Global
      • Conflicts & Security
      • Diplomacy
      • Global Trends
      • International Affairs
    • Lifestyle
      • Fashion
      • Food & Dining
      • Personal Development
      • Travel
    • Opinion
      • Columns
      • Editorials
      • Expert Opinions
      • Reader Voices
    • More
      • Politics
        • Elections
        • Government & Policy
        • International Relations
        • Political Analysis
      • Sports
        • Cricket
        • Football / Soccer
        • International Sports
        • Local Sports
      • Technology
        • Artificial Intelligence
        • Cybersecurity
        • Gadgets & Reviews
        • Tech News
      • South Africa News
    Facebook X (Twitter) Instagram
    interluknewsinterluknews
    Cybersecurity

    iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days

    adminBy adminJuly 13, 2026No Comments4 Mins Read
    Share Facebook Twitter Pinterest Copy Link Telegram LinkedIn Tumblr Email
    iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Ravie LakshmananJul 13, 2026Vulnerability / Web Security

    iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa extensions for Joomla to its Known Exploited Vulnerabilities (KEV) catalog, following reports of zero-day exploitation in the wild.

    The vulnerabilities, both rated 10.0 on the CVSS scoring system, are below –

    • CVE-2026-48939 – A vulnerability in the iCagenda extension for Joomla that allows the upload of arbitrary files via the file attachment feature, leading to PHP code upload and execution.
    • CVE-2026-56291 – A vulnerability in the Balbooa Forms extension for Joomla that allows the upload of arbitrary files, leading to remote code execution.

    According to mySites.guru, a cloud-based dashboard service for managing WordPress and Joomla websites, CVE-2026-48939 is said to have been exploited as a zero-day since June 15, 2026, in automated attacks aimed at Joomla sites on which iCagenda is installed. It resides in the “Submit an Event” form functionality, which lets users propose events for the calendar.

    “We first saw it in a client’s access log: an automated scanner identifying itself as ‘icagenda-batch/1.0’ grabbed a token, posted a malicious upload to the submit endpoint, then fetched the planted shell at the exact path the component writes attachments to,” mySites.guru said.

    The flaw impacts the following versions –

    • 4.x versions up to and including 4.0.7
    • Legacy 3.x versions from 3.2.1 up to and including 3.9.14

    JoomliC has since released updates to address the issue in iCagenda versions 4.0.8 and 3.9.15. Site owners are advised to check for suspicious PHP files in the “images/icagenda/frontend/attachments/” folder and remove them.

    MySites.guru said it also observed zero-day exploitation of CVE-2026-56291, which affects Balbooa Forms versions up to and including 2.4.0. It has been patched in version 2.4.1.

    “Up to and including version 2.4.0, its frontend attachment upload had a serious flaw: it accepted a file from any anonymous visitor, with no login, no CSRF token, and no check on the file type,” it said. “An attacker could upload a PHP file into a public folder and then run it, which is unauthenticated remote code execution, the worst outcome a web flaw can have.”

    The vulnerability was discovered by mySites.guru on July 8, 2026, following a live attack on one of its customers. It has shared the following indicators of compromise –

    • Look in the Balbooa Forms upload folder (by default “images/baforms/uploads”) for any file that is not an image or document, especially anything ending in PHP
    • Check the Joomla user list for suspicious administrator accounts
    • Audit the set for recently modified or unfamiliar PHP files across the site

    In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies have until July 13, 2026, to implement the fixes in their networks.

    Australia Warns of Global Campaign Targeting Vulnerable CMS Systems

    The disclosure comes as the Australian Cyber Security Centre (ACSC) issued an alert warning of a global exploitation campaign targeting various vulnerabilities in content management systems (CMS) and plugins.

    “As part of this campaign, malicious cyber actors are actively scanning websites for opportunities to deploy web shells, leveraging various vulnerabilities affecting CMS software and plugins,” the agency said. “These vulnerabilities primarily allow unauthenticated file upload, remote code execution, server side request forgery or deserialization.”

    Once deployed, the web shells serve as conduits for remote access and control of the targeted web servers. Some of the identified security vulnerabilities are listed below –

    “This highly scaled global exploitation campaign demonstrates the rapidly evolving cyber risk facing organisations,” ACSC said, adding “advances in AI are accelerating the speed and scale of cyber operations, reducing the time between vulnerability disclosure and exploitation.”

    Balbooa Exploited Flaws Forms iCagenda Joomla reportedly ZeroDays
    Follow on Google News Follow on Flipboard
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
    Previous ArticleAI is not enough to arrest China’s decline
    Next Article The Open 2026 storylines to follow: Scottie Scheffler, Rory McIlroy, Tommy Fleetwood, Bryson DeChambeau and more | Golf News
    admin
    • Website

    Related Posts

    Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

    July 13, 2026

    Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns

    July 11, 2026

    Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

    July 11, 2026
    Leave A Reply Cancel Reply

    Demo
    Latest Posts

    Johan Manzambi: Newcastle set to lose Switzerland World Cup hero to Aston Villa – becoming 10th player to turn Magpies down in two years | Football News

    Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

    A Murder Mystery Evening at Audrey Gelman’s Guesthouse

    Opinion | “The Decline and Fall of the Roman Empire” Isn’t Saying What You Think It Is

    Latest Posts

    Subscribe to News

    Get the latest sports news from NewsSite about world, sports and politics.

    Advertisement
    Demo

    We are a digital news platform delivering timely, accurate, and insightful coverage of politics, global affairs, business, economy, sports, and more. Our mission is to keep readers informed with reliable news, clear analysis, and stories that truly matter.
    We're social. Connect with us:

    Facebook X (Twitter) Instagram Pinterest YouTube

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Type above and press Enter to search. Press Esc to cancel.

    Powered by
    ...
    ►
    Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
    None
    ►
    Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
    None
    ►
    Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
    None
    ►
    Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
    None
    ►
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
    None
    Powered by