A Drupal core SQL injection issue is reportedly being actively exploited and added to CISA KEV. If your team runs Drupal, this is not a "next sprint" fix. Patch fast, review logs, and check internet-facing exposure right away. Most damage in cases like this comes from patch delays, not lack of awareness. Do you think most orgs are actually ready for this kind of patch speed?   submitted by   /u/SkrXR_ [link]   [comments]