Sql Injection is a attack_type tracked across 50 threat clusters and 289 intelligence report mentions on ThreatCluster. First observed October 27, 2025; most recent activity July 16, 2026.
SonicWall has reported two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting its SMA1000 Series appliances, which are currently being actively exploited. The first vulnerability, CVE-2026-15409, is…
CVE-2026-52887 is a critical SQL injection vulnerability affecting NocoBase, an AI-powered no-code/low-code platform. The flaw allows unauthenticated remote attackers to execute arbitrary SQL queries via the…
On January 13, 2026, SAP issued 17 new security notes during its monthly Security Patch Day, addressing critical injection flaws and remote code execution vulnerabilities in key products. Organizations are urged to…
A critical SQL injection vulnerability (CVE-2026-9082) in Drupal Core has been identified, affecting multiple supported versions. The vulnerability, with a CVSS score of 9.8, allows unauthenticated attackers to execute…
A critical unauthenticated SQL injection vulnerability (CVE-2026-49776) has been identified in the GPTranslate plugin for WordPress, affecting versions 2.32.6 and earlier. This flaw allows attackers to execute arbitrary…
A sophisticated cyber campaign has exploited a critical cPanel vulnerability (CVE-2026-41940) to breach government and military servers in Southeast Asia, particularly targeting Indonesia. The attackers utilized a…
A critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS is being actively exploited in a large-scale cyberattack affecting over 700 websites, including those of Harvard University, Oxford University, Auburn…
A critical SQL injection vulnerability, identified as CVE-2026-37749, has been discovered in CodeAstro Simple Attendance Management System v1.0. This flaw allows remote unauthenticated attackers to bypass authentication…
The Lazarus Group, a North Korea-linked cybercrime organization, has intensified its operations against financial and cryptocurrency sectors using a sophisticated fileless Remote Access Trojan (RAT) called RemotePE.…
A Booz Allen Hamilton report reveals that Chinese AI models, when tasked with generating code for US government applications, produce significantly more vulnerable code. The report found that models like Qwen and…