securityaffairs2h ago
CVE-2026-9082: #Drupal's Highly Critical SQL Injection Flaw Is Already Under Active Attack
https://securityaffairs.com/192557/security/cve-2026-9082-drupals-highly-critical-sql-injection-flaw-is-already-under-active-attack.html
#securityaffairs #hacking #malware
CVE-2026-9082: Drupal's Highly Critical SQL Injection Flaw Is Already Under Active Attack

Attackers began exploiting Drupal SQL injection vulnerability CVE-2026-9082 within 48 hours of patch release.

Security Affairs
securityaffairs9h ago
#Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets
https://securityaffairs.com/192538/hacking/ghostwriter-is-back-using-a-ukrainian-learning-platform-as-bait-to-hit-government-targets.html
#securityaffairs #hacking #malware #APT #Ukraine
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets

Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads.

Security Affairs
securityaffairs1d ago
Authorities arrest 23-year-old accused of running the #Kimwolf #botnet
https://securityaffairs.com/192533/cyber-crime/authorities-arrest-23-year-old-accused-of-running-the-kimwolf-botnet.html
#securityaffairs #hacking #Android #malware
Authorities arrest 23-year-old accused of running the Kimwolf botnet

Canadian authorities arrested a 23-year-old Ottawa man accused of running the Kimwolf DDoS botnet. The US is now seeking extradition.

Security Affairs
securityaffairs1d ago
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/192529/hacking/u-s-cisa-adds-trend-micro-apex-one-and-langflow-to-its-known-exploited-vulnerabilities-catalog.html
#securityaffairs #hacking
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Trend Micro Apex One and Langflow vulnerabilities to its Known Exploited Vulnerabilities catalog.

Security Affairs
securityaffairs1d ago
U.S. #CISA adds #Microsoft and #Adobe flaws to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/192508/security/u-s-cisa-adds-microsoft-and-adobe-flaws-to-its-known-exploited-vulnerabilities-catalog.html
#securityaffairs #hacking
U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs
securityaffairs2d ago
Global law enforcement operation takes #First #VPN offline
https://securityaffairs.com/192491/cyber-crime/global-law-enforcement-operation-takes-first-vpn-offline.html
#securityaffairs #hacking
Global law enforcement operation takes First VPN offline

Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft.

Security Affairs
securityaffairs2d ago
#Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown
https://securityaffairs.com/192484/security/apple-blocks-over-2-million-apps-in-2025-fraud-crackdown.html
#securityaffairs #hacking
Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown

Apple 2025 fraud report shows major App Store protections: over 2M apps rejected, 1B fake accounts blocked, and billions in fraud prevented.

Security Affairs
securityaffairs2d ago
Attackers are bypassing MFA on #SonicWall VPNs because something was wrong with previous fix
https://securityaffairs.com/192477/hacking/attackers-are-bypassing-mfa-on-sonicwall-vpns-because-something-was-wrong-with-previous-fix.html
#securityaffairs #hacking
Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix

Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw.

Security Affairs
securityaffairs2d ago
#Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload
https://securityaffairs.com/192473/security/cisco-fixed-maximum-severity-flaw-cve-2026-20223-in-secure-workload.html
#securityaffairs #hacking
Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload

Cisco fixed a critical Secure Workload flaw (CVE-2026-20223) that could let attackers gain Site Admin privileges through crafted API requests

Security Affairs
securityaffairs2d ago
#Discord adds end-to-end encryption to voice and video calls by default
https://securityaffairs.com/192463/security/discord-adds-end-to-end-encryption-to-voice-and-video-calls-by-default.html
#securityaffairs #hacking
Discord adds end-to-end encryption to voice and video calls by default

Discord enables end-to-end encryption by default for all voice and video calls, making conversations inaccessible even to the platform itself

Security Affairs