Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...
The Hacker News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
The Hacker News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.
Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...

Recent survivors of US boat strikes haven’t been found, bringing overall death toll to 199

The death toll from the Trump administration’s monthslong series of strikes on suspected drug trafficking boats in the ...