SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
heise online

VMware: High-risk SQL injection vulnerability compromises Avi Load Balancer

Broadcom warns of an SQL injection vulnerability in VMware Avi Load Balancer. Attackers can gain unauthorized access to the database. "Malicious users with network access can send specially crafted ...
Ars Technica

Overcoming rudimentary SQL injection protection

I'm in the process of documenting the many ways in which an application is terrible. One of those ways is that it's vulnerable to SQL injection. It's not completely open, but you can manipulate a few ...
GIGAZINE

Report that information of more than 60,000 spyware users was successfully read using SQL injection

Eric Daigle, a computer scientist and white hat hacker, has revealed in a blog post how he exploited a vulnerability in a spyware app for Android devices called 'Catwatchful' to gain access to ...