🔴 Ghost CMS CVE-2026-26980 exploitation spans 700+ domains, stealing Admin API keys and injecting fake Cloudflare ClickFix prompts. Patch to 6.19.1+, rotate keys, review content/logs.

🟡 TrapDoor put 34+ malicious packages on npm, PyPI, and Crates.io. Audit recent installs and rotate exposed CI/dev secrets.

solomonneas.dev/intel

#CyberSecurity #ThreatIntel #SupplyChain #CVE