CyberSecurity News
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
AI summary
The US Cybersecurity and Infrastructure Security Agency has added two severe security flaws in Joomla extensions to its catalog of known exploited vulnerabilities. These flaws affect the iCagenda and Balbooa extensions and have been reportedly exploited as zero-days. The vulnerabilities have a maximum severity rating of 10.0 on the CVSS scoring system. One of the vulnerabilities is identified as CVE-2026-48939, which is a flaw in the iCagenda extension. The addition to the catalog indicates that these vulnerabilities are being actively exploited in the wild. The vulnerabilities pose a significant risk due to their high severity rating.
Vulnerabilities mentioned
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

