If you run a Joomla-based website and you haven’t implemented the latest security release of the CMS, your site has been almost surely compromised. According to Sucuri CTO Daniel Cid, every Joomla site on the company’s network was hit with exploitation attempts within three days after the release of the update (v3.6.4), and he assumes that other Joomla-based sites suffered the same fate. The security update in question fixed three critical flaws that allow attackers … More
Source: helpnetsecurity