Drupal just patched a 'highly critical' SQL injection flaw. Guess what? Hackers are already trying to break in. This isn't good.
Drupal's database abstraction layer has a gaping hole for PostgreSQL users. CVE-2026-9082 is a critical SQL injection vulnerability that unauthenticated attackers can exploit, and the clock is ticking.
Drupal users, pay attention. A 'highly critical' flaw has landed, and if you're running PostgreSQL, your site is vulnerable. This isn't just about data leaks; it's about full takeover.
A million WordPress sites using the popular Avada Builder plugin are exposed. Two severe vulnerabilities could hand over your site credentials to attackers.
Forget slow-burn exploits. A critical vulnerability in LiteLLM's AI gateway was actively weaponized just 36 hours after its disclosure, proving attackers aren't waiting around for official patches.
The world of AI development just got a bit scarier. A critical vulnerability in LiteLLM, the popular LLM gateway, has been weaponized by hackers, and they're going straight for the jugular – your API keys.
Fortinet's endpoint management server is bleeding from two zero-day wounds. Attackers are already feasting – time to patch or perish.