Security Boulevard

Top CVEs & Vulnerabilities of September 2025

CVEs & Vulnerabilities of September 2025 reveal a wave of high-impact flaws that security teams cannot afford to ignore. From unauthenticated exploits in FreePBX to privilege escalation in Android and ...
Dark Reading

Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to ...
Ars Technica

The Pirate Bay compromised by SQL injection exploit

Popular BitTorrent site The Pirate Bay has suffered a security breach that exposed sensitive user account information. The ...
CSOonline

U.S. Says SQL Injection Caused Major Breaches

The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push ...
Bleeping Computer

MOVEit Transfer customers warned of new flaw as PoC info surfaces

Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection ...

Unpatched flaw in OnePlus phones lets rogue apps text messages

A vulnerability in multiple OnePlus OxygenOS versions allows any installed app to access SMS data and metadata without ...