Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
The Hacker News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
The Hacker News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.
SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.
SecurityWeek

Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure

Drupal warns users that it has seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands ...

Rapid7 Q1 2026 Threat Landscape Report Finds Vulnerability Exploitation Overtakes Social Engineering as the Top Initial Access Vector

New research highlights how AI-driven exploitation, zero-click vulnerabilities, and fragmented ransomware operations are reshaping cyber riskBOSTON, May 21, 2026 (GLOBE NEWSWIRE) -- Rapid7, Inc.

Ghost CMS flaw hijacked to target hundreds of websites with ClickFix attacks

A critical-level flaw in a popular CMS, patched months ago, is now being abused.
DATAQUEST

India's AI surge exposes software supply chain security gaps

India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack ...

Patch now! Attackers exploiting critical malicious code vulnerability in Drupal

Attackers are currently targeting websites created with the CMS Drupal. However, pages are only vulnerable if they use ...
Opinion

Most ransomware attacks are opportunistic. Here’s how you can stop attackers

Ransomware isn’t targeted - it exploits predictable gaps like poor hygiene and missing basics.