Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases.…
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL. “Although the affected packages were all Composer packages, the malicious code was…
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly available for installation. Called staged publishing, the feature…
Millions of Devices at Risk: New Trojan Monitors Smartphones
A menacing new Trojan has emerged that puts millions of smartphone devices worldwide at risk, according to recent cybersecurity reports. This sophisticated malware specifically targets Android devices and has already infected thousands of users across 143 countries. The Trojan’s…
AI Coding Tools Expose Thousands of Apps With Sensitive Corporate Data Online
Thousands of web applications built using AI coding tools have been found publicly accessible online without proper security protections. Researchers at RedAccess identified more than 5,000 exposed apps tied to companies, many revealing private information to anyone with the…
Why pure extortion is replacing traditional ransomware
Ransomware gangs are shifting from encryption to pure extortion, focusing on stolen data, reputational pressure, and stealthier attacks. Ransomware groups are quietly changing strategy in 2026. Instead of encrypting systems and causing immediate disruption, many attackers are now focusing on…
IT Security News Hourly Summary 2026-05-23 15h : 4 posts
4 posts were published in the last hour 13:4 : Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks — Patch Now! 13:4 : Australia Seizes $4.2 Million in Bitcoin in Major Darknet Crackdown 13:4 : WhatsApp Fixed Two Security Bugs…
Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks — Patch Now!
A newly disclosed flaw in one of the world’s most widely deployed web servers is forcing administrators into another emergency patch cycle. Tracked as CVE-2026-9256 and publicly nicknamed nginx-poolslip, the vulnerability affects both NGINX Plus and NGINX Open Source, and…
Australia Seizes $4.2 Million in Bitcoin in Major Darknet Crackdown
Authorities in the Australian state of New South Wales (NSW) have confiscated 52.3 Bitcoin, valued at more than $4.2 million, following search warrants carried out in Ingleburn on May 4. The seizure is being described as one of the…
WhatsApp Fixed Two Security Bugs via It’s Bug Bounty Program
Meta recently released a security advisory in May revealing two bugs in WhatsApp were found through its bug bounty program. But these bugs were patched and were not exploited in the wild by the threat actors. Both bugs are now…
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most “systemically” important software across the world since the cybersecurity initiative went live last month. Project Glasswing is an…
RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers
Cybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers
Plus: Google publishes a live exploit for an unpatched flaw, the feds arrest two men accused of creating thousands of nonconsensual deepfake nudes, and more. This article has been indexed from Security Latest Read the original article: The FBI Wants…
Hackers Exploit F5 BIG-IP Appliance to Gain SSH Access and Pivot Into Enterprise Linux Networks
A multi-stage intrusion attack where a threat actor exploited an internet-facing F5 BIG-IP edge appliance as the entry point for a widespread, identity-focused attack that ultimately accessed Active Directory. According to Microsoft’s Defender Security Research, the attack reflects a growing…
Dirty Frag, Copy Fail, Fragnesia: The start of a worrisome Linux security trend
Or is it just life today, with AI constantly digging through code repositories in search of security holes? This article has been indexed from www.theregister.com – Articles Read the original article: Dirty Frag, Copy Fail, Fragnesia: The start of a…
‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic. The post ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains appeared first on SecurityWeek. This article has been…
Hackers Exploit F5 BIG-IP to Gain SSH Access and Pivot Into Linux Networks
Threat actors are actively exploiting end-of-life F5 BIG-IP appliances to gain unauthorized SSH access into enterprise networks, using the compromised devices as launchpads for sophisticated multi-stage intrusion campaigns that ultimately target Active Directory infrastructure. Microsoft Threat Intelligence disclosed the full…
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets
Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwriter (also tracked as UAC-0057 and UNC1151) has resurfaced with a new phishing campaign targeting Ukrainian government organizations. This time the lure…
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing framework. The affected packages include – laravel-lang/lang laravel-lang/http-statuses laravel-lang/attributes laravel-lang/actions “The timing and pattern of…
IT Security News Hourly Summary 2026-05-23 12h : 1 posts
1 posts were published in the last hour 9:34 : LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access
LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access
A critical zero-day privilege escalation vulnerability in the LiteSpeed User-End cPanel plugin is being actively exploited in the wild, enabling any authenticated cPanel user to execute arbitrary scripts as root and gain full server control. Tracked as CVE-2026-48172 with a maximum CVSS score of 10.0,…
Ubiquiti Patches Critical UniFi OS Privilege Escalation Flaws
Ubiquiti has released urgent security patches for five critical and high-severity vulnerabilities across its UniFi OS platform, addressing flaws that could allow remote attackers to execute arbitrary commands and escalate privileges on a wide range of UniFi devices. The flaws…
Hackers Use SEO Poisoning to Fake Gemini CLI, Claude Installers
Financially motivated threat actors are running an active campaign that impersonates Google’s Gemini CLI and Anthropic’s Claude Code, using SEO poisoning to deliver a fileless PowerShell infostealer to developer workstations worldwide. First identified in early March 2026 by EclecticIQ researchers,…
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2026-9082 (CVSS score:…