Network World

SQL injection attacks led to massive data breaches

The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push retailers to deal with Web application security flaws. This week’s ...
Dark Reading

Social Networking Developer Site Database Hacked In SQL Injection Attack

A site for social networking developers has been hit with a major SQL injection attack that exposed more than 30 million user names and passwords. RockYou, a site that delivers widgets for social ...
Dark Reading

Simplifying SQL Injection Detection

Even many years after gaining prominence as one of the most popular and convenient ways for criminals to break into corporate databases through vulnerable web applications, SQL injection still remains ...
CSOonline

MOVEit Transfer vulnerability appears to be exploited widely

A SQL injection vulnerability has been found in the MOVEit Transfer web application, allowing an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database. Progress Software ...
Bleeping Computer

MOVEit Transfer customers warned of new flaw as PoC info surfaces

Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi) flaw (tracked as CVE-2023-35708) was shared online today. The ...
The Register on MSN

Anthropic's Claude Code runs code to test it if is safe – which might be a big mistake

AI security reviews add new risks, say researchers App security outfit Checkmarx says automated reviews in Anthropic's Claude ...