Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support ...

Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network ...

PostgreSQL SQL injection flaw (CVE-2025-1094) exploited alongside BeyondTrust zero-day, enabling arbitrary code execution.

BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.

Rapid7 researchers believe the BeyondTrust Remote Support attacks from December also exploited a zero-day flaw in PostgreSQL.

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the ...

A high-severity vulnerability in an open-source SQL database has been discovered by the team at cyber security firm Rapid7.

BeyondTrust says it spotted an attack in early December 2024 It found some of its Remote Support SaaS instances were compromised It also found and patched two zero-day flaws BeyondTrust has ...

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two recently-discovered BeyondTrust bugs to ... Exchange Server ProxyLogon zero-days. Silk Typhoon is a part of a wider ...

The US Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities a second vulnerability by BeyondTrust, which was patched in December.