Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
The Hacker News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...
SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.
The Hacker News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.

How To Mitigate The Microsoft Windows BitLocker YellowKey USB 0-Day

Following the release of a BitLocker zero-day security bypass by a disgruntled hacker, Microsoft has now offered mitigation ...
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
Tech Times

Shannon Lite v1.2.0 on Claude Opus 4.7: Anthropic’s New Cyber Safeguards Require Pentesters to Enroll Before Scans

Shannon Lite, the autonomous white-box penetration testing tool built by San Francisco-based Keygraph, shipped version 1.2.0 ...
Daily MaverickOpinion

Hacktivists target SA government entities in cybercrime wave in response to xenophobia

South African sovereignty was already under siege from the baseless misinformation that President Trump used to welcome the ...

5 ways to fortify your network against the new speed of AI attacks

As attackers get more sophisticated and persistent, IT workers have to step up their game as well. Here's how to do that in ...

Avada Flaw Widens Wordpress Security Risk Arabian Post

Avada Flaw Widens Wordpress Security Risk Arabian Post. clearfix>Two vulnerabilities in the Avada Builder plugin have exposed around one million WordPress websites to attacks that could reveal ...