On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...

A hacker offered to sell an unpatched system vulnerability in the U.S. Election Assistance Commission website on the Dark Web for “thousands” of dollars. Just as cybersecurity concerns over the U.S.

The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon ...

Researchers with Vulnerability Lab today announced mega payment processor PayPal has fixed a flaw on its site that allowed a remote user or a local user with low privileges to compromise a Web ...

Glastopf Web Application Honeypot software has got the capability of emulating applications vulnerable to SQL injection attacks, which will ultimately be helpful in tricking attackers into revealing ...

Developers of the popular vBulletin Internet forum software have issued emergency patches Wednesday in order to fix a SQL injection vulnerability that could allow attackers to read and manipulate ...

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...

A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...

These days SQL injection vulnerabilities may seem like a dime a dozen, but creative penetration testers and attackers continue to come up with new ways to take advantage of this vulnerability class ...