Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May ...

This exploit leverages an SQL Injection vulnerability in PostgreSQL to inject malicious code that reads sensitive files, such as /etc/passwd, and stores them on the vulnerable server. The exploit then ...

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...

ATGs are used in multiple critical sectors of industry, and many are still unsecured.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based ...

US cyber authorities have added a critical Drupal Core SQL injection flaw to their exploited-vulnerabilities list after attacks began targeting unpatched websites using PostgreSQL databases, ...

Drupal has patched a highly critical vulnerability that could allow threat actors to hack websites powered by the open source content management system (CMS). The developers of the CMS had alerted ...

A flaw in Meta's AI-powered Instagram recovery tool allowed attackers to hijack accounts by redirecting password reset links, ...