Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ...

PostgreSQL SQL injection flaw (CVE-2025-1094) exploited alongside BeyondTrust zero-day, enabling arbitrary code execution.

Microsoft Threat Intelligence has identified 3,000 ASP.NET keys disclosed in code documentation and repos that could be used ...

The vulnerability in the PostgreSQL interactive tool (psql) can lead to arbitrary code execution (ACE) and there is also a ...

In the article, Microsoft explained threat actors were injecting malicious code through a method called ViewState code ...

Rapid7 researchers believe the BeyondTrust Remote Support attacks from December also exploited a zero-day flaw in PostgreSQL.

Microsoft has identified more than 3,000 publicly exposed ASP.NET machine keys that could be used by threat actors in code injection attacks against enterprise servers. In a blog post Thursday ...

Threat actors are using publicly exposed cryptographic keys - ASP.NET machine keys - to manipulate authentication tokens, ...

ViewState code injection attacks can lead to remote code execution, Microsoft warned Many devs are not generating their own machine keys for ViewState There are thousands of publicly available ...

Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support ...

Wiz Research just found a major AI security exposure—DeepSeek had a publicly accessible database leaking sensitive ...

Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products.