Network World

Massive SQL-injection attack not Microsoft’s fault, security official says

F-Secure found evidence of yet another massive round of infected Web sites on Thursday, all compromised by SQL injection attacks. Many pundits in the blogosphere were quick to blame Microsoft IIS ...
CSOonline

U.S. Says SQL Injection Caused Major Breaches

The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push retailers to deal with Web application security flaws. A group of ...
Ars Technica

Overcoming rudimentary SQL injection protection

I'm in the process of documenting the many ways in which an application is terrible. One of those ways is that it's vulnerable to SQL injection. It's not completely open, but you can manipulate a few ...
heise online

VMware HCX: Code smuggling possible through SQL injection gap

There is a security vulnerability in VMware HCX that allows attackers to inject and execute code. Broadcom is providing updated software that fixes the underlying bugs. IT managers should apply the ...
The Verge

Researchers say a bug let them add fake pilots to rosters used for TSA checks

TSA security could be easily bypassed by using a simple SQL injection technique, say security researchers. TSA security could be easily bypassed by using a simple SQL injection technique, say security ...