15 June 2026.
mySite.guru report that two zero days affecting Third Party Extensions used by many Joomla! CMS websites have been confirmed this week.
The compromised Third Party Extensions are:
- SP Page Builder, and
- iCagenda.
Check whether or not your website is using one of these compromised Third Party Extensions.
If it is then you can learn more about each zero day in the excellent mySite.guru Blog at the following links before taking corrective action.
Quick note: this unfortunate incident underscores the importance of performing regular Full Backups of your website and definitely before installing or updating any one Third Party Extension.
Read more: SP Page Builder Zero Day is being used to plant fake Joomla Admins
Read more: Zero Day Vulnerability Found in iCagenda Joomla Extension
Recent similar mySite.guru blog posts
10 April 2026.
"Smart Slider 3 Pro version 3.5.1.35 was a malicious release".
"Not a vulnerability, not a coding mistake, not a missed capability check. An unauthorized party pushed a backdoored build through Nextend’s own update infrastructure".
Read more: Smart Slider 3 Pro version 3.5.1.35 was a malicious release
What should you do?
Check whether or not your website is using a compromised Third Party Extension.
If it has then mySites.guru offer a value for money rescue package (recommended).
See link published in their blog posts.
News Sources
About Hacker News
"The Hacker News (THN) stands as a top and reliable source for the latest updates in cybersecurity. As an independent outlet, we offer balanced and thorough insights into the cybersecurity sector, trusted by professionals and enthusiasts alike."
Subscribe to The Hacker News newsletter when you visit the following link.
And keep up to speed with the latest security threats affecting your Operating System, Web Browser and Website.
About mySites Guru
mySites Guru publish tips, tutorials and updates about managing WordPress and Joomla! websites.
Make Joomla! CMS Security your #1 Priority
We help and support managers responsible for Joomla! CMS websites in UK business and third sector organisations across Cheshire, Greater Manchester, Merseyside and North West England.
Your personal data is nobody's business.