Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.

In response to this, the application security SaaS company Indusface has detailed the potential financial impact of SQL Injection attacks on businesses. Additionally, they offer best practices to help ...

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...

Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.

When LulzSec bragged way back in June that it had broken into Sony's servers and released the personal information -- including passwords, email addresses, home addresses and birthdays -- of a million ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...

SAP has released 15 new security notes, including two addressing critical code injection flaws in S/4HANA and Commerce.

October marks Cybersecurity Awareness Month, a timely reminder for businesses and individuals to revisit their digital defenses. In 2024, the stakes have never been higher. With global cybercrime ...