Bleeping Computer

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May ...
Bleeping Computer

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...
techtimes

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...
CSOonline

Drupal admins rushing to patch maximum severity SQL injection vulnerability

Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today to fix a “highly critical” SQL injection vulnerability in the application’s ...
Hosted on MSN

Most ransomware attacks are opportunistic. Here’s how you can stop attackers

There is a glaring misconception at the heart of cybersecurity that cyber-attacks are targeted at specific organizations or sectors. But while certain sectors do receive more than their fair share of ...