Dark Reading

Bots Use SQL Injection Tool in New Web Attack

A little-known botnet has put a different spin on the recent wave of SQL injection attacks on thousands of Websites: It’s outfitting its bots with its own tool to launch SQL injection attacks on ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
HHS

Regulator Sounds SQL Injection Warning

The U.K. Information Commissioner's Office has issued a warning to businesses to eliminate SQL injection vulnerabilities from their websites, after fining a hotel booking site for failing to properly ...

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...
Hackaday

sql injection

One of the hackers over at Bitquark popped a shell on on the Oculus Developer Portal giving him full reign over the special admin panel inside. If he felt so inclined, this allowed him edit users, ...