CyberSecurity Updates

Artificial intelligence is “an unstoppable force” that is being weaponized in ways that fall just short of traditional warfare, Britain’s cyberspying chief warned Wednesday. Anne Keast-Butler, director of the communications intelligence agency GCHQ, also said Britain and its allies are in “a space between peace and war” as Russia increases its “daily hybrid activity” against the West — even as Russian combat deaths in Ukraine approach 500,000. She said the West risks losing the conflict…

Securing software-as-a-service (SaaS) apps is hard. The standard cybersecurity controls are not designed for SaaS. The difficulty is the software doesn’t belong to the user and usually runs on somebody else’s infrastructure. Standard cybersecurity products are designed to operate on software owned by the user and housed on the users’ infrastructure. SaaS providers attempt to maintain security inside their apps, but they cannot control how they are used. Usage varies from user to user and…

A vulnerability patched a few months ago in the Ghost content management system (CMS) has been exploited to hack hundreds of websites, including ones belonging to major organizations, according to Chinese cybersecurity company Qianxin. The exploited vulnerability is tracked as CVE-2026-26980 and its existence came to light in February when it was patched. Ghost is a widely used open source CMS designed specifically for blogging, newsletters, and publishing, offering built-in tools for memberships, subscriptions, and…

Threat actors are exploiting a vulnerability in shared content delivery network (CDN) infrastructure to hide connections to malicious domains. Dubbed Underminr, the issue is a variant of domain fronting, a now-mitigated type of attack that enabled threat actors to place an allowed domain in the SNI and TLS certificate validation fields of an HTTPS request, while embedding a different target domain in the TLS tunnel’s encrypted HTTP host header. Because CDNs routed requests internally based…

Drupal is warning users that it’s already seeing attempts to exploit CVE-2026-9082, the highly critical vulnerability patched this week. The vulnerability affects an API designed to ensure that database queries are sanitized to prevent SQL injection. “A vulnerability in this API allows an attacker to send specially crafted requests, resulting in arbitrary SQL injection for sites using PostgreSQL databases,” Drupal explains.  The flaw can be exploited by unauthenticated attackers to obtain information and in some…

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: Iranian hackers suspected in US gas station tank monitor breaches US…