Critical Drupal SQL Injection Actively Exploited and Added to CISA Catalog
A SQL injection vulnerability in Drupal Core is actively exploited and added by CISA to the catalog of known exploited vulnerabilities; Imperva has documented over 15,000 attack attempts against 6,000 websites, primarily targeting gaming and financial sites, with security patches available.
All Model Labs Are Now Agent Labs
Major AI labs like OpenAI, DeepSeek and others are pivoting from pure model development to integrated agent systems, with the combination of model, harness, workflow and UI becoming the actual product, while coding agents improve significantly and DeepSeek’s aggressive pricing pressures the market.
Ghostwriter targets Ukrainian authorities with Prometheus phishing malware
Ghostwriter has conducted phishing campaigns against Ukrainian authorities since spring 2026, using malware components OYSTERFRESH, OYSTERBLUES, and OYSTERSHUCK to deploy Cobalt Strike, while Russia leverages AI tools for target reconnaissance and pro-Kremlin groups hijack Bluesky accounts.









