Security News > 2025 > February > PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
2025-02-14 05:03
Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The vulnerability, tracked as CVE-2025-1094 (CVSS score: 8.1), affects the PostgreSQL interactive tool psql. "An
News URL
https://thehackernews.com/2025/02/postgresql-vulnerability-exploited.html
Related news
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
- 7-Zip MotW bypass exploited in zero-day attacks against Ukraine (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)