GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
heise online

Zoho ManageEngine ADManager Plus: Attackers can inject SQL commands

There is a security vulnerability in ManageEngine ADManager Plus that allows attackers unauthorized access. They can inject arbitrary SQL queries. A software update is available to patch the ...
GIGAZINE

'Lord of SQL Injection', a site where you can learn about SQL injection vulnerabilities while capturing dungeons

First, access Lord of SQL Injection and click '[enter to the dungeon]'. It's my first time to use Lord of SQL Injection, so click 'Join'. Enter the ID, email address, and password used in Lord of SQL ...