Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
The Hacker News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Drupal CVE-2026-9082 exploitation hit 15,000 attempts across 65 countries, forcing urgent patches by May 27, 2026.

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...
GitHub

A java-based honeypot dashboard that sits on any website to observe SQL Injection, XSS, brute-force login attempts, admin page scans, and unauthorized access behaviors.

There was an error while loading. Please reload this page. High-Interaction Honeypot Project Overview The main objective of the high-interaction honeypot project is ...
Analytics Insight

The AI Arms Race in Web Application Security

The era of static firewalls and delayed patches is ending. Web threats evolve too quickly for rigid, rules-based systems to keep pace. What was once a secure perimeter is now a volatile ...
IEEE

Beyond the Basics: A Study of Advanced Techniques for Detecting and Preventing SQL Injection Attacks

Abstract: Attacks using SQL (Structured Query Language) injection pose a serious risk to the confidentiality and integrity of databases and web applications. Although tried-and-true methods like input ...