ON July 13, 2026, it was reported that vulnerabilities in the iCagenda and Balbooa Forms Joomla extensions are being exploited as zero-day attacks, posing serious risks to users. The flaws enable unauthorized access and potential data breaches, highlighting an urgent need for website administrators to apply patches and reinforce security measures. The article emphasizes the importance of staying updated on cybersecurity vulnerabilities and protecting web applications against emerging threats.
Zero day flaws hit Joomla iCagenda and Balbooa Forms extensions
CyberSIXT Evidence Panel
Source marked as original reporting
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Unauthenticated RCE Flaws Hit Joomla Extensions Balbooa, iCagenda
cybersixt.com
-
Zero day flaws hit Joomla iCagenda and Balbooa Forms extensions
thehackernews.com
-
CISA Flags iCagenda, Balbooa Forms Flaws; Urges Fix by July 2026
cybersixt.com
-
Microsoft Tops CISA KEV List as Critical Flaws Surge in Q2 2026
cybersixt.com
-
Apache IoTDB Fixes Path Traversal and Authentication Bypass Flaws (CVE-2026-24014)
cybersixt.com
-
Silver Fox uses SEO tricks to drop MODBEACON trojan via bugs
cybersixt.com
-
CISA KEV Catalog Highlights CVE-2026-56291 Flaw in Balbooa Forms
cybersixt.com
-
CISA KEV Flags iCagenda File Upload Flaw CVE-2026-48939
cybersixt.com
-
CISA Adds CVE-2026-48939 to Known Exploited Vulnerabilities Catalogue
cybersixt.com
-
CVE-2026-56291 lets attackers hijack systems via Balbooa Forms
cybersixt.com