Security News CISA warns of actively exploited RCE flaws in Joomla extensions BleepingComputer Daniel Bender 13 Jul 2026 Share The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that attackers are exploiting vulnerabilities in the iCagenda and Balbooa Forms extensions for Joomla to achieve remote code execution through arbitrary file uploads.