Security Boulevard

Critical CERT-In Advisories – January 2026: SAP, Microsoft, and Atlassian Vulnerabilities

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...
Bleeping Computer

CISA urges software devs to weed out SQL injection vulnerabilities

CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to eliminate SQL injection (SQLi) security ...
Bleeping Computer

Ivanti Workspace Control hardcoded key flaws expose SQL credentials

Ivanti has released security updates to fix three high-severity hardcoded key vulnerabilities in the company's Workspace Control (IWC) solution. IWC helps enterprise admins manage desktops and ...
Dark Reading

New 'GambleForce' Threat Actor Behind String of SQL Injection Attacks

Researchers have spotted a new threat actor targeting organizations in the Asia-Pacific region with SQL injection attacks using nothing more than publicly available, open source penetration-testing ...
Ars Technica

Supermicro server motherboards can be infected with unremovable malware

Servers running on motherboards sold by Supermicro contain high-severity vulnerabilities that can allow hackers to remotely install malicious firmware that runs even before the operating system, ...