Autumn is an associate editorial director and a contributor to BizTech Magazine. She covers trends and tech in retail, energy & utilities, financial services and nonprofit sectors. But what are SQL ...

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...

Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. Microsoft's security researchers report that this lateral movement technique ...

PrestaShop, a developer of open source e-commerce software used by hundreds of thousands of small, independent retailers as the foundations of their online presence, has warned of a serious ...

This week’s disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers to pay serious attention to Web ...

Drupal is a very widely used open-source content management system. It initially was released in 2001, and recent statistics show Drupal as the third-most popular content management system, with just ...