The Hacker News22h
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
PostgreSQL SQL injection flaw (CVE-2025-1094) exploited alongside BeyondTrust zero-day, enabling arbitrary code execution.
The Register on MSN13h
Critical PostgreSQL bug tied to zero-day attack on US Treasury
The vulnerability in the PostgreSQL interactive tool (psql) can lead to arbitrary code execution (ACE) and there is also a ...
Security vulnerability: Attackers can attack PostgreSQL databases
The vulnerability is found in several libpq functions. Inputs are not sufficiently sanitized, allowing attackers to execute ...
PostgreSQL flaw exploited as zero-day in BeyondTrust breach
Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network ...
Chinese hackers breach more US telecoms via unpatched Cisco routers
China's Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications ...
The Hacker News9h
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant ...
CSOonline15h
whoAMI name confusion attacks can expose AWS accounts to malicious code execution
Due to a misconfiguration, developers could be tricked into retrieving malicious Amazon Machine Images (AMI) while creating ...
SecurityWeek15h
Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks
Chinese APT Salt Typhoon has been exploiting known vulnerabilities in Cisco devices in attacks on telecom providers in the US ...