ZDNet

Microsoft SQL zero-day adds to IE7 woes

A zero day vulnerability has been reported in Microsoft SQL server. Austrian pen-testing outfit SEC Consult has put out an advisory warning of a limited memory overwrite vulnerability in Microsoft SQL ...
Dark Reading

Zero-Day SQL Server Flaw Could Allow Remote Code Execution

Microsoft is warning users of a zero-day vulnerability discovered in SQL Server, and that exploits of the flaw have already been published. The software giant yesterday issued a security advisory ...
Computer Weekly

Victims of MOVEit SQL injection zero-day mount up

Multiple organisations are now coming forward to disclose that they have been affected by cyber attacks originating via a recently disclosed vulnerability in Progress Software’s MOVEit file transfer ...
Redmond Magazine

Microsoft July Patch Tuesday: 137 Bugs, 1 Zero-Day SQL Flaw

This month's Patch Tuesday is here, packed with 137 vulnerability fixes, including 14 rated critical and one publicly disclosed zero-day affecting Microsoft SQL Server. The zero-day flaw fix (CVE-2025 ...
Bleeping Computer

Hackers exploit zero-day in Sophos XG Firewall, fix released

Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. Sophos states that they received a report on April ...
Ars Technica

Attackers exploit 0-day code-execution flaw in the Sophos firewall

Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other sensitive data, officials with the ...