Ghost devs said the hackers used CVE-2020-11651 (an authentication bypass) and CVE-2020-11652 (a directory traversal) to take control over its Salt master server.
In a status page, the Ghost developer team said they detected an intrusion into their backend infrastructure systems at around 1:30am UTC. The second victim is Ghost, a Node.js-based blogging platform, built and advertised as a simpler alternative to WordPress. Now Ghost.Įarlier today, ZDNet reported that hackers managed to breach the servers of LineageOS, a mobile operating system.Ī second major hack surfaced a few hours later after our initial report. A serious hacking campaign is currently underway, and tens of companies have been hacked already, ZDNet has learned from security researchers keeping an eye on the attacks.įor the past 24 hours, hackers have been mass-scanning the internet for Salt, a type of software used to manage and automate servers inside data centers, cloud server clusters, and enterprise networks.Īttackers have been exploiting two recently-patched bugs to gain access to Salt servers and then deploy a cryptocurrency miner.
