Security news aggregator

Latest coverage for Database

Stay informed on database security trends, breaches, and best practices in information security with our comprehensive news and updates.

65 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Databases store and organize data electronically, enabling efficient retrieval and management. They often hold sensitive information such as user credentials, financial records, or personal details, making them prime targets for attackers. Common database types include relational databases using structured query language (SQL) and NoSQL databases designed for unstructured data.

Security risks include SQL injection attacks that exploit improper input handling to manipulate or extract data, and misconfigured access controls that allow unauthorized users to view or alter information. Protecting databases involves strict authentication, role-based access controls, encryption of data at rest and in transit, and timely application of security patches to database software. Monitoring query logs and access patterns helps detect suspicious activity that could indicate compromise or insider threats.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 65 Filtered view

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale

Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution

The Hacker News 10 months, 2 weeks ago

Detecting Data Leaks Before Disaster

In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting more than 1 million sensitive log streams at risk. According to the Wiz Research team, they identified a publicly accessible ClickHouse database belonging to DeepSeek. This allowed “full control over database operations, including the ability to access

Loading more headlines...