SAP Patchday: One critical SQL injection vulnerability – and 18 others

On the April Patchday, SAP addresses vulnerabilities with 19 security notes. One critical vulnerability allows the injection ...
GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...

Critical Fortinet Forticlient EMS flaw now exploited in attacks

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused.
IBTimes UK

Panama Papers: Hacker claims SQL injection vulnerability found in Mossack Fonseca server

A hacker, who runs the Twitter handle 1x0123, has claimed to have discovered an SQL injection vulnerability in one of the servers of Panamanian law firm Mossack Fonseca. The firm is currently facing ...

LangChain framework hit by several worrying security issues — here's what we know

LangChain and LangGraph have patched three high-severity and critical bugs.
Computing

SAP Hana riddled with encryption and SQL injection vulnerabilities, claims security company

SAP Hana, SAP's in-memory database that it is encouraging customers to adopt, is vulnerable to SQL injection attacks and contains encryption weaknesses, according to security company ERPScan.
SDxCentral

CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating SQL Injection Vulnerabilities in Software. This Alert was crafted in response to a recent ...