Security news aggregator

Latest coverage for SQL

SQL is the language used to query databases, making injection flaws, insecure permissions, and exposed data important security risks.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

SQL is the language commonly used to query and modify relational databases, which store structured application data such as accounts, transactions, and records. In information security, SQL matters both as a core data-access technology and through vulnerabilities in the applications, database engines, and administration interfaces that use it.

SQL injection occurs when an application combines untrusted input with SQL commands, allowing an attacker—depending on the flaw and database permissions—to read, alter, or delete data or bypass application controls. Developers should use parameterized queries or prepared statements, avoid building commands through string concatenation, and apply least-privilege database accounts. Security teams should also track database and driver vulnerabilities, restrict administrative access, protect credentials, and monitor query and authentication logs. Input validation can supplement these controls but is not a reliable substitute for separating data from executable SQL.

Showing 4 most recent headlines Filtered view

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7

Bank Info Security 1 year, 5 months ago

Security Researchers Warn of New Risks in DeepSeek AI App

Weak Encryption, Data Transfers to China, Hidden ByteDance Links FoundSecurity researchers found DeepSeek AI has weak encryption, SQL injection flaws and sends user data to Chinese state-linked entities. Its AI model failed jailbreak tests, making it prone to manipulation. Regulators in Europe, South Korea, and Australia are investigating, with bans and warnings issued over security risks.