An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...
A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...
A fast, read-only MySQL Server for the Model Context Protocol (MCP) written in Go. This project exposes safe MySQL introspection tools to Claude Desktop via MCP. Claude can explore databases, describe ...
Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity ...
dbtpl is a command-line tool to inspect and generate templated code based on a database schema or a custom database query. In addition to being able to generate standardized "model" code for a ...
An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems. Eldorado first appeared on March 16, 2024, when an ...
Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system ...
ESET researchers have recently discovered a new undocumented modular backdoor, SideWalk, being used by an APT group we've named SparklingGoblin; this backdoor was used during one of SparklingGoblin's ...
Bitdefender security researchers have discovered a threat group likely based in Romania that's been active since at least 2020. They've been targeting Linux-based machines with weak SSH credentials, ...