SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
Dark Reading

New 'GambleForce' Threat Actor Behind String of SQL Injection Attacks

Researchers have spotted a new threat actor targeting organizations in the Asia-Pacific region with SQL injection attacks using nothing more than publicly available, open source penetration-testing ...
eWeek

Businesses Still Beset by SQL Injection Attacks

Nearly two-thirds (65 percent) of respondents had experienced SQL injection attacks that successfully evaded their perimeter defenses in the past 12 months, according to a report from security ...
Computerworld

SQL flaws remain an Achilles heel for IT security groups

Indictments filed against five persons charged in a massive international hacking scheme indicate that SQL injection vulnerabilities continue to be a huge security Achilles heel for large IT ...
Dark Reading

Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...
Infosecurity-magazine.com

High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...