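Nineteen-year-old Nisarga Adhikari discovered security vulnerabilities in OnMark, the digital marking portal of India's Central Board of Secondary Education (CBSE). On February 25 he reported the first vulnerability, which combined SQL injection with a hard-coded master password and made it possible to bypass authentication, access the grading dashboard, and change marks; on May 25 he found a second vulnerability that leaks examiner information. On May 26 CBSE denied that any vulnerability existed; on May 31 it acknowledged a "security vulnerability", said it had been "contained", and deployed experts from the Indian Institutes of Technology to secure the system. CBSE awarded the OSM project contract to Coempt ...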
Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
Abstract: One of the more interesting developments recently gaining popularity in the server-side JavaScript space is Node.js. It's a framework for developing high-performance, concurrent programs ...
A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. “Because it’s ...
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as ...
Python stays far ahead after another dip; C holds second, Java retakes third from C++, and R rises to eighth as SQL slips, ...
The structured query language is a powerful tool for connecting to many database systems that store data in tables organized into rows and columns. It's often used on the backend of business websites ...