Ghost CMS flaw abused to push ClickFix attacks on sites

Threat actors exploited a Ghost CMS vulnerability to compromise hundreds of websites and deploy ClickFix attacks, a social engineering technique that tricks users into executing malicious actions. The campaign targeted both site operators and visitors, leveraging the compromised platforms to spread malware or steal sensitive information.