Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

4 headlines in this view

Showing 4 most recent headlines Filtered view

The Hacker News 1 week, 2 days ago

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks

More from The Hacker News 26 May 2026, 12:02 a.m. Incident · 5 stories CVE-2026-26980 API CVE Critical Disclosure Flaw JavaScript SQL Threat Actor Unauthenticated Vulnerability

Security Affairs 1 week, 4 days ago

CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack

Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The project maintainers warned ahead of the release that exploits could surface within hours or […]

More from Security Affairs 24 May 2026, 4:17 a.m. Incident · 3 stories Actively exploited CVE-2026-9082 CVE Compromise Critical Exploit Flaw Patch PostgreSQL SQL Unauthenticated Vulnerability

The Hacker News 10 months, 3 weeks ago

Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances

More from The Hacker News 12 Jul 2025, 2:38 a.m. Actively exploited CVE-2025-25257 CVE Critical Database Flaw Fortinet Patch SQL Unauthenticated Vulnerability

Dark Reading 3 years, 4 months ago

Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter

Analysts find that 98% of QNAP NAS are vulnerable to CVE-2022-27596, which allows unauthenticated, remote SQL code injection.

More from Dark Reading 3 Feb 2023, 5:08 a.m. CVE-2022-27596 CVE Critical Patch QNAP SQL Unauthenticated Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack

Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter