Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
CVEs:
CVE-2026-26980
Indicators of Compromise
460 articles containing extracted IOCs (CVEs, IPs, hashes, domains, URLs, emails)
Security Affairs newsletter Round 578 by Pierluigi Paganini β INTERNATIONAL EDITION
CVEs:
CVE-2026-9082
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
CVEs:
CVE-2026-9082
CVE-2026-9082: Drupalβs Highly Critical SQL Injection Flaw Is Already Under Active Attack
CVEs:
CVE-2026-9082
LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access
CVEs:
CVE-2026-48172
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
CVEs:
CVE-2026-48172
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
CVEs:
CVE-2026-9082
Ubiquiti patches three critical vulnerabilities in UniFi OS
CVEs:
CVE-2026-34908
CVE-2026-34909
CVE-2026-34910
Middle East malicious infrastructure report highlights concentration of C2 servers
Domains:
hunt.io
CISA adds Trend Micro Apex One and Langflow flaws to exploited vulnerabilities catalog
CVEs:
CVE-2025-34291
CVE-2026-34926
Metasploit Wrap Up 05/22/2026
CVEs:
CVE-2026-20182
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
CVEs:
CVE-2026-9082
CISA Adds One Known Exploited Vulnerability to Catalog
CVEs:
CVE-2026-9082
CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
CVEs:
CVE-2025-34291
CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
CVEs:
CVE-2026-45498
CISAβs new KEV nomination form opens reporting to vendors and researchers
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
CVEs:
CVE-2025-34291
TrendAI Patches Apex One Zero-Day Exploited in the Wild
CVEs:
CVE-2026-34926
One Telecom Provider Hosted Most of the Middle East βs Active C2 Infrastructure
Domains:
hunt.io
CISA Warns Trend Micro Apex One Vulnerability Is Being Exploited in Attacks
CVEs:
CVE-2026-34926