ZDNet

Microsoft ships free code auditing tools to thwart SQL injection attacks

On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...
Bleeping Computer

Latest SQL Injection news

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. A threat ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
Threat Post

Botnet Using Phony Firefox Add-On Scans for Sites Vulnerable to SQL Injection

A botnet posing as a legitimate Firefox add-on is scanning sites visited by compromised computers looking for SQL injection vulnerabilities. Attackers have been automating SQL injection attacks for a ...
Bleeping Computer

Over 29,000 QNAP devices vulnerable to code injection attacks

Tens of thousands of QNAP network-attached storage (NAS) devices are waiting to be patched against a critical security flaw addressed by the Taiwanese company on Monday. Remote threat actors can ...
Network World

Three best practices for reducing the risk of SQL injection attacks

This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. SQL injection attacks have been around for more than 10 years. Database security experts know they ...