SAP Patchday: One critical SQL injection vulnerability – and 18 others

On the April Patchday, SAP addresses vulnerabilities with 19 security notes. One critical vulnerability allows the injection ...
Ars Technica

Newly detected SQL injection attack snags Apple in wide net

Hackers are attempting to hide SQL injection commands by disguising the data as a string of numbers. The latest technique has been used to compromise as many as a million webpages in the early part of ...
Bleeping Computer

Microsoft: Hackers target Azure cloud VMs via breached SQL servers

Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. Microsoft's security researchers report that this lateral movement technique ...
Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
Dark Reading

CISA Seeks to Curtail 'Unforgivable' SQL Injection Defects

SQL injection vulnerabilities continue to plague supply chains, prompting a joint alert from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) ...
TechRepublic

SQL injection attacks: A cheat sheet for business pros

SQL injection has been a major security risk since the early days of the internet. Find out what's at risk, and how cybersecurity pros can defend their organizations. Few things terrify IT security ...
CMS Wire

SQL Injection and Little Bobby Tables: How to Protect Your CMS

If your eyes glazed over at the recent announcement of an “SQL injection” vulnerability in WordPress, take heart. You’re not alone. SQL injection attacks are a common kind of security flaw, but are ...