HackerFeeds

CyberSecurity News

iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days

The Hacker News
· July 13, 2026

AI summary

The US Cybersecurity and Infrastructure Security Agency has added two severe security flaws in Joomla extensions to its catalog of known exploited vulnerabilities. These flaws affect the iCagenda and Balbooa extensions and have been reportedly exploited as zero-days. The vulnerabilities have a maximum severity rating of 10.0 on the CVSS scoring system. One of the vulnerabilities is identified as CVE-2026-48939, which is a flaw in the iCagenda extension. The addition to the catalog indicates that these vulnerabilities are being actively exploited in the wild. The vulnerabilities pose a significant risk due to their high severity rating.

Vulnerabilities mentioned

Read the full article at The Hacker Newsthehackernews.com/2026/07/icagenda-and-balbooa-forms-joomla-flaws.html

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.