A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.

New research highlights how AI-driven exploitation, zero-click vulnerabilities, and fragmented ransomware operations are reshaping cyber riskBOSTON, May 21, 2026 (GLOBE NEWSWIRE) -- Rapid7, Inc.

Hacking is often misunderstood as simply “breaking into computers.” But at its core, hacking is something broader and more fundamental: Hacking means making a system do something it was not meant to ...

G.A.A.P. AI, on-premise language models, and a hybrid development architecture: AccountTECH unveils a major private-AI strategy designed to supercharge its developers, protect client data, and refuse ...

Rapid7 has released its Q1 2026 Threat Landscape Report, warning that AI-driven cyber-attacks are dramatically accelerating vulnerability exploitation and shrinking the window organisations have to ...

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...