Latest Insights and News on SQL Injection Related Attacks
24 September 2025
Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments.
The post Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers appeared first on SecurityWeek.
24 September 2025
Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors.
The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium severity.
"Libraesva ESG is affected by a command injection flaw that can be triggered by a malicious email containing a
23 September 2025
A new ranking of Model Context Protocol weaknesses highlights critical risks—from prompt injection to command injection—and provides a roadmap for securing the foundations of agentic AI.
The post Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited appeared first on SecurityWeek.
22 September 2025
Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection.
The post Fortra Patches Critical GoAnywhere MFT Vulnerability appeared first on SecurityWeek.
16 September 2025
Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments.
"Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the platform's fault injections (such as shutting down pods or disrupting network communications), and perform
04 September 2025
A database, in apparent association with the Navy Federal Credit Union, exposed 378 GB of information.