CISA Orders Emergency Drupal Patch | Microsoft Server Bug | Google Fights Canada Surveillance Bill
5/27/202611 min
CISA has ordered U.S. federal civilian agencies to urgently patch an actively exploited critical Drupal SQL injection vulnerability (CVE-2026-9082) affecting PostgreSQL-backed Drupal deployments, after Imperva reported more than 15,000 attack attempts across 65 countries. Microsoft has confirmed a strange Windows Server 2016 update issue where KB5087537 can break domain controller discovery when server hostnames are exactly 15 characters long, raising more questions about patch reliability as update complexity grows.
Google has joined a coalition opposing Canada's proposed lawful access legislation, Bill C-22, warning that secret ministerial orders, possible encryption risks, and mandatory metadata retention could weaken security rather than improve it. Critics point to the Salt Typhoon telecom espionage campaign as evidence that lawful intercept systems themselves can become prime targets.
Also in this episode: Check Point says Iran-linked threat group Nimbus Manticore has deployed new malware tools including MiniFast and MiniJunk V2, with researchers noting signs that MiniFast may have been developed with AI-assisted coding techniques. The campaign used SEO poisoning and fake Oracle SQL Developer downloads to lure victims.
Timestamps:
00:00 Top Headlines Rundown
00:27 Emergency Drupal Patch Order
02:22 Microsoft Server Update Bug
04:02 Canada Lawful Access Battle
05:18 Google's Security Concerns
06:25 Salt Typhoon Lessons
07:35 Iran-Linked AI Malware
09:26 SEO Poisoning Attack
10:09 Wrap Up and Sign Off
Transcript preview
First 90 secondsDavid Shipley· Host0:00
CISA orders feds to patch Drupal. Microsoft patch breaks some Windows Server 2016 deployments. Google joins growing opposition to Canada's cyber spying bill. And Iran-linked hackers now writing malware with the help of AI. This is Cybersecurity Today, and I'm your host, David Shipley. Let's get started. If your organization runs a Drupal-powered website on PostgreSQL, today is the day to patch it. The US Cybersecurity and Infrastructure Security Agency gave US federal civilian departments until midnight tonight to patch a critical SQL injection vulnerability in Drupal that's already being exploited in the wild. CISA added the flaw to its known exploited vulnerabilities catalog on Friday, triggering a roughly five-day federal patching clock. According to BleepingComputer, the vulnerability is CVE-2026-9082. Successful exploitation can lead to information disclosure, privilege escalation, and remote code execution. Cybersecurity firm Impervia has observed more than fifteen thousand attack attempts against nearly six thousand individual sites across sixty-five countries since the vulnerability was disclosed, with about half of those attacks targeting gaming and