Ghost 3.24.0–6.19.0 Content API SQLi leaked Admin API keys and injected ClickFix loaders into posts. Patch to 6.19.1+, rotate keys, and grep post bodies.
Actively exploited unauth RCE (CVSS 10.0) in Joomla JCE ≤2.9.99.4 via profile import, now in CISA KEV. Patch to 2.9.99.7, then hunt rogue profiles and webshells.
A comparison of AI CMS features across Cosmic, Sanity, and Hygraph, examining agent execution, MCP connectivity, and editorial workflows. Hygraph's coverage in the original comparison article is corrected with official documentation.
WordPress staple plugin ACF 6.8 adds Abilities API integration, automatic Schema.org structured data, and WP-CLI commands. How AI agents can now discover and manipulate WordPress content models.