CSOonline

SQL injection, XSS vulnerabilities continue to plague organizations

Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies. Despite years topping vulnerability lists, ...
SecurityWeek

MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities

MITRE has released the 2025 CWE Top 25 most dangerous software vulnerabilities list, which includes three new buffer overflow ...
Infosecurity Magazine

UK NCSC Raises Alarms Over Prompt Injection Attacks

The UK’s National Cyber Security Centre has warned of the dangers of comparing prompt injection to SQL injection ...
Threat Post

SQL Injection Attack is Tied to Election Commission Breach

A hacker offered to sell an unpatched system vulnerability in the U.S. Election Assistance Commission website on the Dark Web for “thousands” of dollars. Just as cybersecurity concerns over the U.S.
CSOonline

Critical Magento SQL injection flaw could be targeted by hackers soon

The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon ...
Bleeping Computer

Latest SQL Injection news

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. A threat ...