Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Microsoft delivered fixes for issues affecting everything from Windows to Office, .NET, and SQL Server, and several patches that should be deployed ASAP.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.

GameSpot may receive revenue from affiliate and advertising partnerships for sharing this content and from purchases through links. A new update is on the way for the PC version of PlayerUnknown’s ...

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL injection for sites using PostgreSQL databases. This can lead ...

Here's a look at the most recent Patch Tuesday release from Microsoft as well as a collection of recent updates so you can track what's changed. Long before Taco Tuesday became part of the pop-culture ...

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their ...

The Food and Drug Administration removed the black box warning from hormone replacement therapies late last year, and recently, the most insured type, the estrogen patch, has been in short supply amid ...

Critical flaws emerge: Severe vulnerabilities in Apache HTTP/2, SharePoint, cPanel, and iOS are confirmed, some with working exploits and active attacks. Patching urgency: Authorities urge immediate ...