• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Apple addressed the seventh actively exploited zero-day

 | 

Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

 | 

A Scattered Spider member gets 10 years in prison

 | 

FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

 | 

US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin

 | 

DOJ takes action against 22-year-old running RapperBot Botnet

 | 

Google fixed Chrome flaw found by Big Sleep AI

 | 

Pharmaceutical firm Inotiv discloses ransomware attack. Qilin group claims responsibility for the hack

 | 

A hacker tied to Yemen Cyber Army gets 20 months in prison

 | 

Exploit weaponizes SAP NetWeaver bugs for full system compromise

 | 

Allianz Life security breach impacted 1.1 million customers

 | 

U.S. CISA adds Trend Micro Apex One flaw to its Known Exploited Vulnerabilities catalog

 | 

AI for Cybersecurity: Building Trust in Your Workflows

 | 

Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset

 | 

New NFC-Driven Android Trojan PhantomCard targets Brazilian bank customers

 | 

Cisco fixed maximum-severity security flaw in Secure Firewall Management Center

 | 

'Blue Locker' Ransomware Targeting Oil & Gas Sector in Pakistan

 | 

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

 | 

Norway confirms dam intrusion by Pro-Russian hackers

 | 

Zoom patches critical Windows flaw allowing privilege escalation

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me

SQL injection

Pierluigi Paganini February 08, 2018
Joomla 3.8.4 release addresses three XSS and SQL Injection vulnerabilities

Joomla development team has released the Joomla 3.8.4 that addresses many issues, including an SQL injection bug and three cross-site scripting (XSS) flaws. Joomla development team has released the Joomla 3.8.4 that addresses a large number of issues, including an SQL injection bug and three cross-site scripting (XSS) vulnerabilities. The latest release also includes several improvements. The XSS and SQL injection vulnerabilities have been classified […]

Pierluigi Paganini November 01, 2017
WordPress releases the version 4.8.3 to address a serious SQL Injection vulnerability

WordPress developers fixed a serious SQL injection vulnerability on Tuesday with the release of version 4.8.3.. Apply it as soon as possible. WordPress developers fixed a serious SQL injection vulnerability that was reported by the researcher Anthony Ferrara,  VP of engineering at Lingo Live. The issue was addressed on Tuesday with the release of version 4.8.3. The vulnerability […]

Pierluigi Paganini July 01, 2017
SQL Injection flaw in WordPress Plugin WP Statistics potentially exposed 300,000+ Sites

Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins. Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins, that is currently installed on over 300,000 websites. The SQL Injection vulnerability in WP Statistics could be exploited by […]

Pierluigi Paganini May 18, 2017
Critical SQL Injection CVE-2017-8917 vulnerability patched in Joomla, update it now!

Joomla maintainers released a fix for a critical SQL injection flaw, tracked as CVE-2017-8917, that can be exploited by a remote attacker to hijack websites On Wednesday Joomla maintainers released a fix for a critical SQL injection vulnerability, tracked as CVE-2017-8917, that can be easily exploited by a remote attacker to obtain sensitive data and hijack websites. The vulnerability […]

Pierluigi Paganini March 01, 2017
SQLi flaw in the NextGEN Gallery plugin exposes at risk of hack more than 1 Million WordPress Installs

More than 1 million WordPress website are at risk due to a critical SQL injection vulnerability in the NextGEN Gallery plugin. Update it asap. Security experts at Sucuri firm have identified a SQL injection flaw in the WordPress image gallery NextGEN Gallery that could be exploited by a remote to gain access to the targeted website’s backend, including sensitive […]

Pierluigi Paganini February 15, 2017
Russian hacker Rasputin breaches over 60 Universities and Government Agencies

The Russian-speaking black hat hacker Rasputin, hacked systems of more than 60 universities and U.S. government agencies. According to the threat intelligence firm Recorded Future, a Russian-speaking black hat hacker, known as ‘Rasputin‘, hacked systems of more than 60 universities and U.S. Government agencies. We met Rasputin in December 2016, when he was offering for sale stolen login […]

Pierluigi Paganini December 16, 2016
More than 8,800 WordPress Plugins out of 44,705 are flawed

Security firm RIPS Technologies has analyzed 44,705 in the official WordPress plugins directory and discovered that more than 8,800 of them are flawed. Experts from the security company RIPS Technologies have conducted an interesting analysis of WordPress plugins. The researchers have analyzed 44,705 of the roughly 48,000 plugins available in the official WordPress plugins. “To do […]

Pierluigi Paganini December 05, 2016
Kapustkiy hacked the National Assembly of Ecuador website

Kapustkiy has breached the National Assembly of Ecuador and leaked the data via PasteBin. Once again he exploited a SQL injection. Here we go again with a Kapustkiy’s hack, this time the young hacker has breached the National Assembly of Ecuador and leaked the data via PasteBin.  The hacker broke into the backend of the www.asambleanacional.gob.ec website […]

Pierluigi Paganini November 06, 2016
Databases of Indian embassies leaked online. Too easy hack them

The databases of the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya were leaked online by two grey hat hackers. Today I was contacted by a security pentester who goes online with the moniker Kapustkiy who revealed me to have breached the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya. Kapustkiy and his friend Kasimierz (@Kasimierz_) told […]

Pierluigi Paganini August 24, 2016
Navis WebAccess app used by US Ports is affected by a SQL injection flaw

The Navis WebAccess application used in the transportation sector worldwide is affected by a high severity SQL injection vulnerability. A software used in the US ports is affected by a high severity SQL Injection vulnerability (CVE-2016-5817). The flaw was discovered by a hacker behind the online moniker “bRpsd,” the expert has discovered the vulnerability in […]

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Apple addressed the seventh actively exploited zero-day

    Security / August 21, 2025

    Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

    Malware / August 21, 2025

    A Scattered Spider member gets 10 years in prison

    Cyber Crime / August 21, 2025

    FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

    Intelligence / August 21, 2025

    US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin

    Security / August 21, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT