Attackers exploiting F5 BIG IP appliances for SSH access are compromising edge infrastructure, pivoting into enterprise Linux environments, and targeting Active Directory systems through sophisticated multi stage intrusion campaigns.

The Packagist supply chain attack infected malicious PHP packages with Linux malware capable of remote code execution, CI/CD compromise, credential theft, and downstream software supply chain propagation.

The Drupal core SQL injection vulnerability CVE 2026 9082 is being actively exploited against PostgreSQL backed Drupal sites, exposing organizations to remote code execution and database compromise risks.