SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code ...
Microsoft

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...