Vulnerabilities US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities CISA and the FBI issue a secure-by-design alert on eliminating SQL injection vulnerabilities from software. Ionut ArghireMarch 26, 2024
Incident Response Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin The vulnerability carries a CVSS severity score of 9.8/10 and affects web sites running the Ultimate Member WordPress membership plugin. Ionut ArghireFebruary 26, 2024
Cybercrime Millions of User Records Stolen From 65 Websites via SQL Injection Attacks The ResumeLooters hackers compromise recruitment and retail websites using SQL injection and XSS attacks. Ionut ArghireFebruary 6, 2024
Cybercrime New Threat Actor Uses SQL Injection Attacks to Steal Data From APAC Companies GambleForce uses SQL injections to hack gambling, government, retail, and travel websites to steal sensitive information. Ionut ArghireDecember 14, 2023