Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Critical Joomla Extension Flaws Exploited

Critical Joomla Extension Flaws Exploited

Posted on July 13, 2026 By CWS

Organizations using Joomla extensions are on high alert due to severe vulnerabilities that have been actively exploited by malicious actors. These security flaws in Balbooa Forms and iCagenda allow unauthorized users to perform remote code execution (RCE) attacks.

Details of the Balbooa Forms Vulnerability

The vulnerability in Balbooa Forms, identified as CVE-2026-56291, scores 10 on the CVSS scale, indicating its critical nature. This flaw involves an unauthenticated arbitrary file upload issue, affecting the frontend attachment upload endpoint of the extension.

Although version 2.4.1 of Balbooa Forms was released on July 9 to address this issue, attackers were already taking advantage of the vulnerability before the patch was available, marking it as a zero-day exploit. It is crucial for all sites using version 2.4.0 or earlier to update immediately to mitigate potential security breaches.

iCagenda Extension Under Threat

In a similar vein, the iCagenda extension was discovered in June to have a comparable vulnerability, tracked as CVE-2026-48939, which also allows arbitrary file uploads. This flaw enables attackers to insert PHP code into a compromised system, resulting in RCE without the need for authentication.

JoomliC, the developer behind iCagenda, observed this vulnerability being exploited as a zero-day on June 15. Promptly, they released patches in versions 4.0.8 and 3.9.15 to counteract the threat.

Urgent Patch Recommendations from CISA

On July 10, these Joomla extension vulnerabilities were added to the Known Exploited Vulnerabilities (KEV) catalog by the US Cybersecurity and Infrastructure Security Agency (CISA). Federal agencies have been instructed to apply patches within a three-day timeframe, following the BOD 26-04 directive.

While this directive is specific to federal entities, it serves as a strong recommendation for all organizations to promptly review and patch vulnerabilities listed by CISA to safeguard their systems effectively.

In conclusion, with the rise of cyber threats exploiting these vulnerabilities, it is imperative that organizations take immediate action to update their Joomla extensions and review security protocols to prevent unauthorized access and potential damage.

Security Week News Tags:Balbooa Forms, BOD 26-04, CISA, CVE, CVE-2026-48939, CVE-2026-56291, Cybersecurity, iCagenda, Joomla, Patching, remote code execution, Security, Vulnerabilities, zero-day

Post navigation

Previous Post: Forg365 PhaaS Exploits Microsoft 365 with Advanced Tactics
Next Post: Debian 13.6 Update: Security Enhancements and Critical Fixes

Related Posts

DeFi Protocol Balancer Starts Recovering Funds Stolen in 8 Million Heist DeFi Protocol Balancer Starts Recovering Funds Stolen in $128 Million Heist Security Week News
Cyber Insurance Enhances CISO Budget Negotiations Cyber Insurance Enhances CISO Budget Negotiations Security Week News
FTC Calls on Tech Firms to Resist Foreign Anti-Encryption Demands FTC Calls on Tech Firms to Resist Foreign Anti-Encryption Demands Security Week News
Latvian Hacker Jailed for Karakurt Ransomware Crimes Latvian Hacker Jailed for Karakurt Ransomware Crimes Security Week News
Reach Security Raises  Million for Exposure Management Solution Reach Security Raises $10 Million for Exposure Management Solution Security Week News
0,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Hackers Exploit AI-Powered Scripts to Target Active Directory
  • Data Breach at Centers Laboratory Affects Over 540,000
  • Weekly Cybersecurity Recap: ShareFile Threat and More
  • NSA Warns of Russian Exploitation of Cisco Routers
  • From Blackhat to Advocate: Jesse McGraw’s Journey

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Hackers Exploit AI-Powered Scripts to Target Active Directory
  • Data Breach at Centers Laboratory Affects Over 540,000
  • Weekly Cybersecurity Recap: ShareFile Threat and More
  • NSA Warns of Russian Exploitation of Cisco Routers
  • From Blackhat to Advocate: Jesse McGraw’s Journey

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark