Critical PostgreSQL bug tied to zero-day attack on US Treasury
The vulnerability in the PostgreSQL interactive tool (psql) can lead to arbitrary code execution (ACE) and there is also a ...
PostgreSQL flaw exploited as zero-day in BeyondTrust breach
Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network ...
cyberdaily4 天
Rapid7 discovers ‘high-severity’ PostgreSQL injection zero-day vulnerability
A high-severity vulnerability in an open-source SQL database has been discovered by the team at cyber security firm Rapid7.
The Hacker News5 天
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
PostgreSQL SQL injection flaw (CVE-2025-1094) exploited alongside BeyondTrust zero-day, enabling arbitrary code execution.
CSOonline5 天
PostgreSQL patches SQLi vulnerability likely exploited in BeyondTrust attacks
Rapid7 researchers believe the BeyondTrust Remote Support attacks from December also exploited a zero-day flaw in PostgreSQL.
SecurityWeek5 天
Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation
Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support ...
Cfr.org15 天
Using Incentives to Shape the Zero-Day Market
Instead of overreaching to regulate the entire zero-day market, the U.S. government should create incentives for individuals, companies, and governments to find software vulnerabilities ...
The Hacker News18 天
BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
The breach was first flagged on December 5, 2024. "The investigation determined that a zero-day vulnerability of a third-party application was used to gain access to an online asset in a BeyondTrust ...