Wireby Fusion42
Read this story on the live Wire →

Wire · founder news, decoded · regulatory

iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days

CISA has added two maximum-severity zero-day vulnerabilities (CVE-2026-48939 in iCagenda and CVE-2026-56291 in Balbooa Forms) to its Known Exploited Vulnerabilities catalogue; both allow arbitrary file upload and remote code execution on Joomla sites, with iCagenda being actively exploited since June 2026.

This Wire brief sits within Fusion42's coverage of Cybersecurity. Wire is Fusion42's founder-focused intelligence feed: each story is connected to the funds and startups it names — every one with a live profile on Raise or Scout — so founders can follow the capital and the momentum behind the headline rather than just the headline itself. Wire analysis is one of the live surfaces Arthur, Fusion42's AI co-founder, reasons over.

The Wire takeaway

If you run a Joomla site with iCagenda or Balbooa Forms, you are currently being scanned by automated attackers; patch immediately or remove the plugins—CISA has marked these as actively exploited in the wild.

Read the full story at thehackernews.com

Topics: Cybersecurity · zero-day · joomla · rce · file-upload · cisa-kev

Related on Wire

Verified 13 July 2026 · Sources: Fusion42 review