Security News > 2025 > February > Critical PostgreSQL bug tied to zero-day attack on US Treasury
2025-02-14 14:19
High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.…
News URL
https://go.theregister.com/feed/www.theregister.com/2025/02/14/postgresql_bug_treasury/
Related news
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- 7-Zip MotW bypass exploited in zero-day attacks against Ukraine (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) (source)