Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack.

A trader did not need to hack Grok, steal a password, or break a smart contract. A hidden Morse code prompt inside a public X reply was enough to trigger a nearly $200K crypto transfer from Grok’s ...

Customer data from more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking ...

Minecraft master Shark gains access to tiny building exploits that drastically change gameplay. Clarence Thomas issues dissent as Supreme Court hands California major win Serial-killer fears grow at ...

Fast food fans may have found a way to satisfy their In-N-Out cravings without stepping foot inside the beloved California burger chain. According to a recent article from Food Republic, McDonald’s ...