Australia Issues Urgent Warning: Global Cyber Attack Targets Vulnerable CMS Platforms

www.news4hackers.com-australia-issues-urgent-warning-global-cyber-attack-targets-vulnerable-cms-platforms-australia-issues-urgent-warning-global-cyber-attack-targets-vulnerable-cms-platforms

Australia warns of global campaign targeting vulnerable CMS platforms

Australia warns of global campaign targeting vulnerable CMS platforms

The Australian Cyber Security Centre (ACSC) has issued a warning about a widespread exploitation effort targeting content management systems (CMS) and their associated plugins. The agency reported that numerous Australian businesses have already fallen victim to this activity, with malicious actors deploying webshells on compromised websites. These webshells enable attackers to maintain persistent access, disrupt operations, exfiltrate credentials, install additional malware, and expand their presence within affected networks. A coordinated global campaign is actively exploiting weaknesses in CMS platforms, with a significant impact on Australian organizations.

Key Vulnerabilities Exploited

The ACSC highlighted that small- to medium-sized enterprises are particularly vulnerable, as threat actors systematically scan websites for opportunities to inject webshells. This process leverages known vulnerabilities in CMS software and plugins to gain unauthorized control.

  • Simple File List (WordPress): CVE-2025-34085/CVE-2020-36847
  • WavePlayer (WordPress): CVE-2025-12057
  • BerqWP (WordPress): CVE-2025-7443
  • WPBookit (WordPress): CVE-2025-7852
  • Ninja Forms (WordPress): CVE-2026-0740
  • ThemeREX Addons (WordPress): CVE-2026-1969
  • Breeze Cache (WordPress): CVE-2026-3844
  • pay-uz (WordPress): CVE-2026-31843
  • ACF Extended (WordPress): CVE-2025-13486
  • Sneeit Framework: CVE-2025-6389
  • WPvivid Backup (WordPress): CVE-2026-1357
  • Gravity Forms (WordPress): CVE-2025-12352
  • GutenKit/Hunk Companion (WordPress): likely CVE-2024-9234
  • Craft CMS: CVE-2025-32432
  • MaxSite CMS: CVE-2026-3395
  • MetInfo CMS: CVE-2026-29014
  • Joomla JCE: CVE-2026-48907

According to the ACSC, the campaign may involve artificial intelligence to enhance attack efficiency, allowing threat actors to rapidly exploit newly disclosed vulnerabilities. Security professionals are urged to prioritize patching and monitoring for signs of compromise. Recent data indicates that security teams detect only 14% of successful attacks, with the majority remaining undetected. Tools like breach and attack simulation can help validate detection capabilities and strengthen defenses against evolving threats.

Proactive Measures for Organizations

The ACSC emphasized the importance of proactive measures, including regular software updates, strict access controls, and continuous monitoring of CMS environments. Organizations are advised to review their infrastructure for exposed vulnerabilities and implement mitigations to prevent exploitation.



About Author

en_USEnglish