News

Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now
Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to ...
The Hacker News6d
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Fortinet fixes a critical SQL injection vulnerability in FortiWeb (CVE-2025-25257), posing risks to database security.
Provider of covert surveillance app spills passwords for 62,000 users
The maker of a phone app that is advertised as providing a stealthy means for monitoring all activities on an Android device ...
SecurityWeek15d
Undetectable Android Spyware Backfires, Leaks 62,000 User Logins
A vulnerability in Catwatchful, an Android spyware posing as parental control software, exposed the credentials of over 62,000 customer accounts.
GIGAZINE4mon
SQL injection vulnerability in PostgreSQL went undiscovered for over ...
SQL injection occurs when user-supplied input is not escaped properly when it is inserted into an SQL statement. Since single quotes (') are used to delimit string literals, proper handling is ...
The Register on MSN23d
Anthropic won't fix a bug in its SQLite MCP server
Fork that - 5k+ times Anthropic says it won't fix an SQL injection vulnerability in its SQLite Model Context Protocol (MCP) server that a researcher says could be used to hijack a support bot and ...