Infosecurity-magazine.com

SQL injection attack leads to command execution

Thus far, SQL injection has focused on altering data within the database, rather than attacking the underlying operating system. But researcher Bernardo Damele Assumpcao Guimaraes will be upgrading ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
Ars Technica

Newly detected SQL injection attack snags Apple in wide net

A new series of mass SQL injection attacks has planted links to malware sites and hidden iframes in over a million webpages, including parts of Apple’s website. The technique is similar to a standard ...
CSOonline

PostgreSQL patches SQLi vulnerability likely exploited in BeyondTrust attacks

Attackers who exploited a zero-day vulnerability in BeyondTrust Privileged Remote Access and Remote Support products in December likely also exploited a previously unknown SQL injection flaw in ...
CMS Wire

SQL Injection and Little Bobby Tables: How to Protect Your CMS

If your eyes glazed over at the recent announcement of an “SQL injection” vulnerability in WordPress, take heart. You’re not alone. SQL injection attacks are a common kind of security flaw, but are ...
Dark Reading

Security 101: SQL Injection

Many web-facing enterprise applications have databases sitting behind them. For many of those, the application itself is little more than a snazzy user interface sitting on top of a database. And in ...
Threat Post

SAP Patches 12 SQL Injection, XSS Vulnerabilities in HANA

SAP patched a dozen holes in its in-memory management system HANA that could have led to SQL injections, cross-site scripting (XSS) errors, and memory corruption vulnerabilities. SAP patched a dozen ...