Security News iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days TheHackerNews Daniel Bender 13 Jul 2026 Share CISA adds exploited iCagenda and Balbooa Forms flaws to KEV after reported zero-day attacks enabled PHP uploads and remote code execution on sites.