SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for…
New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
Ravie LakshmananMar 10, 2026Database Security / Vulnerability Cybersecurity researchers have disclosed nine…
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Dec 15, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been…
GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster…
Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices
Jul 24, 2025Ravie LakshmananNetwork Security / Vulnerability Sophos and SonicWall have alerted…
Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems
Jul 24, 2025Ravie LakshmananVulnerability / Network Security Mitel has released security updates…
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Jul 11, 2025Ravie LakshmananUnited States Fortinet has released fixes for a critical…
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
May 30, 2025Ravie LakshmananVulnerability / Threat Intelligence The China-linked threat actor behind…
