iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days

Read full story on The Hacker News
Share
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
AI disclosure

Summary

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa extensions for Joomla to its Known Exploited Vulnerabilities (KEV) catalog, following reports of zero-day exploitation in the wild. The vulnerabilities, both rated 10.0 on the CVSS scoring system, are below - CVE-2026-48939 - A vulnerability in the

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.