SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.
InfoWorld

DDoS and SQL injection are hot topics on hacking forums

Distributed denial of service and SQL injection are the main types of attack discussed on hacking forums, according to new research from security vendor Imperva. Underground discussion forums are an ...
The Verge

Researchers say a bug let them add fake pilots to rosters used for TSA checks

A pair of security researchers say they discovered a vulnerability in login systems for records that the Transportation Security Administration (TSA) uses to verify airline crew members at airport ...
Dark Reading

SQL Injection Hack Infects 1 Million Web Pages

Another SQL injection campaign is literally going viral, with some 1 million URLs possibly infected. The SANS Internet Storm Center over the weekend counted some 1,070,000 URLs injected with the ...
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...
Infosecurity-magazine.com

500 000 websites hacked, including Apple

As reported by The Register IT news portal, a number of smaller websites have been hacked using an SQL injection attack method that attempts to obfuscate links to malware infected pages. The hack ...