Searchenginejournal.com

Loginizer WordPress Vulnerability Affects +1 Million Sites

WordPress Loginizer Plugin has issued a security patch for a vulnerability that could allow a hacker to modify a database through an Unauthenticated SQL Injection ...
Bleeping Computer

Hackers exploit zero-day in Sophos XG Firewall, fix released

Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. Sophos states that they received a report on April ...
Dark Reading

Tech Insight: SQL Injection Demystified

Several high-profile hacks over the past year including those at Heartland, Hannaford Bros., and 7-11, all have had one thing in common: they were launched with a SQL injection attack. Cross-site ...
Searchenginejournal.com

WP Google Maps Plugin Vulnerable to SQL Injection Exploit

A high priority update was issued by WP Google Maps WordPress plugin to fix a vulnerability. The plugin could allow a malicious hacker to take control of a website. It is highly recommended that users ...
Threat Post

Hackers Mount Zero-Day Attacks on Sophos Firewalls

A pre-auth SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan. Attackers have been targeting the Sophos XG ...
PC Magazine

SQL injection

An exploit that takes advantage of database query software that does not thoroughly test the query statement for correctness. Along with cross-site scripting (see XSS), SQL injection is used to break ...