soc

Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites. The post Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure appeared first on SecurityWeek.

Other noteworthy stories that might have slipped under the radar: CISA contractor exposes credentials, Mythos testing and new features, Huawei router flaw triggered telecom blackout. The post In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking appeared first on SecurityWeek.

Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that can be exploited by anonymous attackers against sites using PostgreSQL databases. Tracked as the CVE-2026-9082 vulnerability, the issue resides in Drupal’s database abstraction API, which is supposed to sanitize queries before they reach the backend database. Drupal rates the flaw […]

BitLocker is designed to protect data at rest even when a device is lost, stolen, or powered off, which is why a bypass against that trust model draws immediate attention. The CVE-2026-Adresse geschuetzt, publicly referred to as YellowKey, is a Windows security feature bypass flaw that Microsoft says can let an attacker with physical access […]

Dark Web Profile: CoinbaseCartel CoinbaseCartel is a financially motivated threat actor that emerged on the Dark Web in September 2025. Unlike traditional ransomware groups, the group does not encrypt victim systems. Instead, it relies exclusively on data theft, threatening to publish exfiltrated data on its dark web leak site unless victims pay a ransom. This […]

Jacob Butler, 23, has been arrested in Canada and US authorities are seeking his extradition on computer hacking charges. The post Canadian Man Arrested for Operating Kimwolf Botnet appeared first on SecurityWeek.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-9082 Drupal Core SQL Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk […]

CVE-2026-20223: Cisco Secure Workload Auth Bypass Grants Site Admin Access Cisco has patched a maximum-severity vulnerability in Cisco Secure Workload (CSW) Cluster Software tracked as CVE-2026-20223. The issue is an authentication and access-control bypass affecting internal REST API endpoints, and it can allow a remote, unauthenticated attacker to obtain Site Admin privileges. Site Admin is […]

The FBI says First VPN has been used by dozens of ransomware groups for network reconnaissance and intrusions. The post ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested appeared first on SecurityWeek.

CVE-2026-Adresse geschuetzt. The post TrendAI Patches Apex One Zero-Day Exploited in the Wild appeared first on SecurityWeek.