The Hacker News

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

ForcedLeak flaw in Salesforce Agentforce allows data exfiltration via indirect prompt injection; Salesforce issues patch.
dbta

Harden Your Applications to Combat SQL Injection

An important aspect of database security is designing your applications to avoid SQL injection attacks. SQL injection is a form of web hacking whereby SQL statements are specified in the fields of a ...
eWeek

A Context-Aware Approach to SQL Injections

California advances AI safety with SB 53, requiring transparency and risk reporting. Anthropic backs the bill, calling it a “trust but verify” approach. AI-driven automation is the theme of this ...
CSOonline

Oracle database firewall defuses SQL injection attacks

LEARN MORE: Amazon to offer Oracle’s database in the cloud When it detects suspicious statements within SQL traffic — ones that might indicate SQL injection attacks, for example — it can replace them ...
Hyperallergic

First Online Slavery Database Gets a $1.4M Injection From Mellon Foundation

Success! Your account was created and you’re signed in. Please visit My Account to verify and manage your account. An account was already registered with this email. Please check your inbox for an ...
SDxCentral

Fortinet Firewall, Web Apps Hit by Security Flaw

Threat researchers at Positive Technologies have discovered four security vulnerabilities affecting Fortinet's FortiWeb firewalls and web applications and is advising customers to update their ...
Bleeping Computer

Massive Balada Injector campaign attacking WordPress sites since 2017

An estimated one million WordPress websites have been compromised during a long-lasting campaign that exploits "all known and recently discovered theme and plugin vulnerabilities" to inject a Linux ...