Attackers are already exploiting a dangerous privileged account creation hole in the Joomla! content management system attempting, with attempts made on about 30,000 sites in the days days after a patch for the flaw landed. The vulnerability, which allows anyone to create privileged accounts on Joomla! sites, was first flagged in a scant Joomla! pre-release notice warning administrators to prepare for a then un-described but critical patch. At the time The Register warned the then mysterious flaw would likely be exploited in the coming days and weeks as the respective patch is reverse-engineered. Those attacks have eventuated faster than we predicted.
View full story
ORIGINAL SOURCE: The Register