Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...
Dark Reading

New SQL Injection Attacks Exploit Adobe Flash Flaw

Mass SQL injection attack, take four: Yet another wave of SQL injection attacks is exploiting an Adobe Flash vulnerability that appears to be coming from the same series of attacks originating from ...
techtimes

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...
SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.
SecurityWeek

Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure

Drupal warns users that it has seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands ...
Bleeping Computer

New Joomla SQL Injection Flaw Is Ridiculously Simple to Exploit

The Joomla CMS project released today Joomla 3.7.1 to fix an SQL injection flaw that allows attackers to execute custom SQL code on affected systems and take over vulnerable sites. Sucuri analyst Marc ...
Searchenginejournal.com

Loginizer WordPress Vulnerability Affects +1 Million Sites

WordPress Loginizer Plugin has issued a security patch for a vulnerability that could allow a hacker to modify a database through an Unauthenticated SQL Injection exploit. This kind of exploit, also ...
CSOonline

Exploit available for critical flaw in FortiClient Server

The proof-of-concept exploit is easy to execute, and could foretell wider targeting of the Fortinet vulnerability by attackers. Security researchers have released technical details and a ...