GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was used to break into the US Treasury Department

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
eWeek

Mass SQL Injection Attacks Uses Automated Tools, Search to Infect New Sites

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Security researchers monitoring mass SQL injection attacks ...
Dark Reading

Myth-Busting SQL- And Other Injection Attacks

While different security researchers may haggle over the exact ranking of SQL injection attacks compared to other common maladies, such as XSS and CSRF, few would deny that SQLi and its other ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
Dark Reading

Tech Insight: SQL Injection Demystified

Several high-profile hacks over the past year including those at Heartland, Hannaford Bros., and 7-11, all have had one thing in common: they were launched with a SQL injection attack. Cross-site ...