GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
IBTimes UK

Panama Papers: Hacker claims SQL injection vulnerability found in Mossack Fonseca server

A hacker, who runs the Twitter handle 1x0123, has claimed to have discovered an SQL injection vulnerability in one of the servers of Panamanian law firm Mossack Fonseca. The firm is currently facing ...

Critical Fortinet Forticlient EMS flaw now exploited in attacks

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused.

LangChain framework hit by several worrying security issues — here's what we know

LangChain and LangGraph have patched three high-severity and critical bugs.
Information Age

SQL injection: why is the oldest hack in the book still causing big problems?

The latest reports suggest the highly publicised ‘Panama Papers’ data leak was the result of a hacking technique known as SQL injection. With 11.5 million files being leaked, the Mossack Fonseca ...
Computing

SAP Hana riddled with encryption and SQL injection vulnerabilities, claims security company

SAP Hana, SAP's in-memory database that it is encouraging customers to adopt, is vulnerable to SQL injection attacks and contains encryption weaknesses, according to security company ERPScan.
SDxCentral

CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating SQL Injection Vulnerabilities in Software. This Alert was crafted in response to a recent ...