When it comes to content management systems, WordPress is the preferred option for most website owners. Even a fair amount of Bitcoin platforms are using WordPress in some capacity, especially where blogging and news updates are concerned. For those companies using Joomla, it might be time to think twice about using this platform, as there is a critical vulnerability waiting to be exploited.
Joomla Critical Bug Actively Exploited By Hackers
Joomla doesn’t make too many mainstream media headlines these days, even though it is a very versatile content management system for website owners. However, most people prefer to use WordPress or similar free blogging solutions, and Joomla is hardly ever mentioned. That is until a critical security flaw is discovered by researchers.
At the time of publication, hackers were actively exploiting one of Joomla’s critical vulnerabilities, which has been present in the platform’s source code for nearly eight years now. It does not happen often that a vulnerability exists for so long, although it remained undiscovered until very recently.
Even though Joomla engineers recently released a security patch to fix the vulnerability, the damage had already been done. Hackers have been exploiting the Joomla vulnerability for a little while, as attacks started last Saturday and continued all throughout Sunday. Security firm Sucuri reported a few hundred exploit attempts over the course of 48 hours.
As one would come to expect, the number of attacks against Joomla sites increased exponentially once word got out about this vulnerability. Every single Joomla site was – and still is – a target for hackers unless the owner has installed the most recent security update in the past 36 hours.
What makes matters, even more, worrying is how it remains unclear as to what this exploit can do to Joomla-based websites. When content management systems are vulnerable to attack, just about anything can happen. More details are expected to be revealed in the near future, though.
Do you run a website based on Joomla? If so, have you applied the latest security patch, or noticed any strange activities? Let us know in the comments below!
Source: Ars Technica