CybersecurityJuly 13, 2026· via BleepingComputer

CISA flags active attacks on Joomla extensions with RCE flaws

CISA flags active attacks on Joomla extensions with RCE flaws

Image : BleepingComputer

Attackers are actively exploiting two Joomla extensions to take over websites, prompting U.S. authorities to flag the flaws for urgent patching. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the bugs to its Known Exploited Vulnerabilities catalog after observing real-world attacks that let criminals execute code remotely through malicious file uploads.

A growing pattern of exploited extensions

CISA’s alert covers flaws in the iCagenda and Balbooa Forms add-ons for Joomla, both of which are widely used to manage event calendars and custom forms on websites. Exploits abuse the extensions’ file upload features to drop and run arbitrary code, effectively handing control of the server to the attacker. Security researchers have noted a rise in similar attacks against content management systems, where third-party extensions become the weakest link The Hacker News.

Why website owners should act now

Because the vulnerabilities are already under active exploitation, CISA’s advice is clear: apply the latest updates immediately or disable the affected extensions if patches are unavailable. Unpatched Joomla sites running outdated extensions face a high risk of compromise, data theft, or being hijacked for broader attacks. Hosting providers and web agencies are urged to audit their clients’ installations and prioritize remediation.

Why it matters

These incidents show how quickly attackers weaponize common web tools once flaws are disclosed. For Joomla users, the stakes are immediate: a single unpatched extension can open the door to full server takeover. Beyond Joomla, the pattern underscores a broader truth—third-party code is often the path of least resistance for cybercriminals, making rigorous supply-chain hygiene essential for any organization running a public website.


Source: BleepingComputer. AI-assisted editorial synthesis — TechnoExpress.

Read the original source on BleepingComputer →

← Back to home