GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
Computerwoche Online

SQL injection attacks led to massive data breaches

This week's disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers into paying serious attention to Web ...
Infosecurity-magazine.com

High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...
GIGAZINE

It was pointed out that airport and cockpit security could be breached by SQL injection attacks

The Transportation Security Administration (TSA) has a program called 'KCM (Known Crewmember)' that allows pilots and flight attendants to pass security checks even when they are off. Similarly, there ...
heise online

Zoho ManageEngine ADManager Plus: Attackers can inject SQL commands

There is a security vulnerability in ManageEngine ADManager Plus that allows attackers unauthorized access. They can inject arbitrary SQL queries. A software update is available to patch the ...
Security

Cybersecurity Awareness Month: How to mitigate an SQL Injection Attack

In response to this, the application security SaaS company Indusface has detailed the potential financial impact of SQL Injection attacks on businesses. Additionally, they offer best practices to help ...