GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
Dark Reading

CISA Seeks to Curtail 'Unforgivable' SQL Injection Defects

SQL injection vulnerabilities continue to plague supply chains, prompting a joint alert from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) ...
Security

CISA, FBI urge manufacturers to eliminate SQL injection vulnerabilities

CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating SQL Injection Vulnerabilities in Software. This Alert was crafted in response to a recent, ...
TechRadar

The FBI and CISA want to lead a major crackdown on SQL vulnerabilities

Despite being well-documented for some time now, and considered an “unforgivable” mishap, SQL Injection (SQLi) vulnerabilities remain “a persistent class of defect in commercial software products,” a ...
Infosecurity-magazine.com

High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...
IT World Canada

Cyber Security Today, Oct. 25, 2021 – A warning to JavaScript users, ransomware gangs feeling squeezed and an SQL vulnerability found

A warning to JavaScript users, ransomware gangs feeling squeezed and an SQL vulnerability found. Welcome to Cyber Security Today. It’s Monday October 25th. I’m Howard Solomon, contributing writer on ...