Update: I saw this when viewing a blog built with the Ghost framework. Looks like it was a legitimate exploit that has since been patched, at least on the blog I was looking at. Stay safe out there folks!
https://www.malwarebytes.com/blog/bugs/2026/05/700-education-and-tech-websites-hijacked-in-hug...