GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was ...

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
The Hacker News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...
Arabian Post

Drupal flaw draws urgent patch race

US cyber authorities have added a critical Drupal Core SQL injection flaw to their exploited-vulnerabilities list after attacks began targeting unpatched websites using PostgreSQL databases, ...

PostgreSQL: Updates patch high-risk security vulnerabilities

Several security vulnerabilities have been discovered in the PostgreSQL database, which could allow attackers to inject SQL commands, among other things. Updated software is available. IT managers ...
CSOonline

PostgreSQL patches SQLi vulnerability likely exploited in BeyondTrust attacks

Attackers who exploited a zero-day vulnerability in BeyondTrust Privileged Remote Access and Remote Support products in December likely also exploited a previously unknown SQL injection flaw in ...