The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push retailers to deal with Web application security flaws. This week’s ...

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...

Data relating to 8.3 million users of stock-image sites Freepik and Flaticon, both owned by Freepik Co. S.L., have been stolen through an SQL injection attack. The data stolen included the email ...

SQL injection vulnerabilities continue to plague supply chains, prompting a joint alert from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) ...

The Philips Tasy EMR, used by hundreds of hospitals as a medical record solution and healthcare management system, is vulnerable to two critical SQL injection flaws. The vulnerabilities are tracked as ...

Several high-profile hacks over the past year including those at Heartland, Hannaford Bros., and 7-11, all have had one thing in common: they were launched with a SQL injection attack. Cross-site ...

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. A threat ...

Three significant waves of SQL injection attacks appear to be under the control of the same source, according to one security researcher. Three significant waves of SQL injection attacks appear to be ...

Web sites across China and Taiwan are being hit by a mass SQL injection attack that has implanted malware in thousands of Web sites, according to a security company in Taiwan. Slideshow: SQL ...