Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...
The Hacker News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...
Hackaday

sql injection

Web systems are designed to be simple and reliable. Designing for the everyday person is the goal, but if you don’t consider the odd man out, they may encounter some problems. This is the everyday ...
SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.
SecurityWeek

Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure

Drupal warns users that it has seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands ...

Hackers bypass SonicWall VPN MFA due to incomplete patching

Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN ...
CSO Online

Internet Explorer may be dead, but its ghost still runs malware

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...