Dark Reading

New Plug-ins Help Firefox Find XSS, SQL Injection

4:14 PM -- Two new Firefox plug-ins were released last month to assist developers and security professionals in testing for cross-site scripting (XSS) and SQL injection vulnerabilities. Even though ...
Threat Post

Telegram-Controlled Hacking Tool Targets SQL Injection at Scale

The Katyusha Scanner can find SQL injection bugs at scale, and is managed via the Telegram messenger on any smartphone. A black market hacking tool has the potential to rapidly conduct website scans ...
InfoQ

Security Experts Exploit Airport Security Loophole with SQL Injection

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
Dark Reading

CISA Seeks to Curtail 'Unforgivable' SQL Injection Defects

SQL injection vulnerabilities continue to plague supply chains, prompting a joint alert from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) ...
Bleeping Computer

CISA urges software devs to weed out SQL injection vulnerabilities

CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to eliminate SQL injection (SQLi) security ...
CSOonline

SQL injection, XSS vulnerabilities continue to plague organizations

Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies. Despite years topping vulnerability lists, ...