ZDNet

Microsoft ships free code auditing tools to thwart SQL injection attacks

On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
CSOonline

Glastopf Web application honeypot gets SQL injection emulation capability

The Honeynet Project, a non-profit organization that develops open-source security research tools, has created a component for the Glastopf Web application honeypot software that can emulate ...
Bleeping Computer

Latest SQL Injection news

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. A threat ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
Bleeping Computer

CISA urges software devs to weed out SQL injection vulnerabilities

CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to eliminate SQL injection (SQLi) security ...