Tag: exploitation in the wild
3 articles

Drupal Core SQL Injection Flaw Actively Exploited
Drupal has confirmed that exploit attempts for a critical SQL injection flaw, CVE-2026-9082, are being actively detected in the wild, posing a significant risk of privilege escalation and remote code execution. This vulnerability affects all supported Drupal Core versions and can lead to full site compromise if not addressed promptly.

Weaver E-cology Flaw Exploited Through Debug API Endpoint
A critical bug in Weaver E-cology, known as CVE-2026-22679, is being actively exploited - allowing hackers to take full control of your system with a CVSS score of 9.8. This severe vulnerability lets attackers execute commands without needing login credentials, putting your entire system at risk.

cPanel Vulnerability Exploited, Ransomware Attacks Reported
A critical cPanel vulnerability, CVE-2026-41940, has been exploited, putting servers at risk of full takeover and ransomware attacks - with a near-worst-case severity score of 9.8. This flaw affects cPanel, WebHost Manager, and WP Squared, and has already been flagged by the US government's cybersecurity agency as being exploited in the wild.