Skip to main content
    Urgent: Popular Website Extensions Under Attack by Hackers
    Cybersecurity
    Important
    4 min read

    Urgent: Popular Website Extensions Under Attack by Hackers

    CISA warns that hackers are actively breaking into websites using flawed Joomla extensions. If you run a small business website, you need to act now.

    Source

    GetCyberRight Intelligence

    Original headline: CISA Warns: Joomla Extensions Under Active Attack

    Plain-English summary by GetCyberRight. Read the full report at the source above.

    Published Monday, July 13, 20264 min read
    Share:

    What's Happening Right Now

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) just issued an urgent warning: hackers are actively exploiting serious security flaws in two popular Joomla website extensions. These attacks are happening right now, and they give criminals complete remote control over affected websites. If your small business uses a Joomla website, this requires immediate attention.

    The Details: What This Means in Plain English

    Joomla is a popular platform for building websites, similar to WordPress. Many website owners add extensions (think of them like apps for your phone) to add calendars, contact forms, and other features. Two specific extensions, iCagenda and Balbooa Forms, contain critical security holes that hackers have figured out how to exploit.

    When criminals exploit these flaws, they can inject malware directly onto your website without needing your password. They gain what security experts call "remote code execution" access. In practical terms, this means they can control your site as if they were sitting at your computer. They can steal customer data, redirect visitors to dangerous sites, or use your website to attack others.

    CISA doesn't issue warnings like this for theoretical problems. They specifically alert the public when attacks are actively happening in the wild. That means hackers are already using these flaws to break into real websites right now.

    Who Is Affected

    This warning matters most to small business owners who use Joomla for their company websites. If you run an online store, a restaurant site, a professional services page, or any business website built on Joomla, you could be vulnerable. Even if you're not sure what platform your website uses, this is worth checking.

    You're especially at risk if your website includes an events calendar (which might use iCagenda) or contact forms (which might use Balbooa Forms). Many business owners installed these extensions years ago and haven't thought about them since. Unfortunately, criminals are counting on that.

    What You Should Do Right Now

    1. Contact your website developer or hosting company today. Ask them specifically if your site uses Joomla with iCagenda or Balbooa Forms extensions. Request they check for updates immediately.

    Stay one step ahead of scammers

    Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.

  1. Update these extensions to the latest versions. If you manage your own website, log into your Joomla administrator panel and check for available updates. Install all security patches right away.

  2. Remove the extensions if you don't actively use them. Many websites have old extensions still installed. If you're not using a calendar or form feature, removing the vulnerable extension eliminates the risk entirely.

  3. Review your website for suspicious changes. Look for unexpected content, unfamiliar administrator accounts, or redirects to strange websites. These are signs you may already be compromised.

  4. Consider a professional security scan. Many web hosting companies offer security scanning services. This can identify if attackers have already infiltrated your site.

  5. The Bigger Picture: Why This Keeps Happening

    Website extensions create convenience, but they also create security risks. Every plugin or extension is a potential doorway for criminals if developers don't maintain proper security. Small businesses often face the biggest risk because they lack dedicated IT staff to monitor these threats. Staying informed about active attacks like this one is essential for protecting your digital presence and your customers' trust.

    How GetCyberRight Can Help

    Tracking every new cybersecurity threat feels overwhelming, especially when you're running a business. That's exactly why we built the Cyber Threat Radar tool. It monitors active exploitation campaigns like this Joomla vulnerability wave in real time and translates technical alerts into clear, actionable guidance for families and small businesses. You don't need to be a security expert to stay protected. You just need the right information at the right time.

    Protect Yourself

    Use our Cyber Threat Radar to check if you're affected and take action.

    Found this useful?

    Share it with someone who could use a heads-up.

    Share:

    Curated from trusted cybersecurity sources by GetCyberRight

    Source: GetCyberRight Intelligence

    Discussion

    0

    Sign in to join the discussion.

    Stay ahead of cyber threats

    Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.