SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
dbta

The New SQL Server Vulnerability Assessment Tool Goes GA

The SQL Server Vulnerability Assessment tool (VA) is a feature within SQL Server Management Server (SSMS) 17.4 that scans your SQL Server instances of version 2012 and later, identifies security ...
ZDNet

Microsoft confirms critical SQL Server vulnerability

Microsoft late Monday issued a pre-patch advisory confirming a remote code execution vulnerability affecting its SQL Server line. The vulnerability, publicly disclosed with exploit code more than two ...
GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
Dark Reading

Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...
Bleeping Computer

Sophos fixes SQL injection vulnerability in their Cyberoam OS

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. Sophos purchased firewall and router maker Cyberoam Technologies in 2014 and has ...
Threat Post

SQL Injection Attack is Tied to Election Commission Breach

A hacker offered to sell an unpatched system vulnerability in the U.S. Election Assistance Commission website on the Dark Web for “thousands” of dollars. Just as cybersecurity concerns over the U.S.