GitHub

[Bug]: Crash in dynamic sql using sql_variant parameter

There is a crash when using dynamic sql with sql_variant parameters on the second execution of the dynamic SQL in a batch. exec sp_executesql N'select @P union select @P', N'@P sql_variant', 1; exec ...
IEEE

Research of SQL injection attack and prevention technology

Abstract: SQL injection attack is one of the most serious security vulnerabilities in Web application system, most of these vulnerabilities are caused by lack of input validation and SQL parameters ...
Microsoft

Enhancing reporting and analytics with SQL Server 2025 tools and services

At Microsoft Build 2025, we announced the public preview of SQL Server 2025. Built on a foundation of best-in-class security, performance, and availability, SQL Server 2025 empowers customers to ...
InfoWorld

Building a multi-zone and multi-region SQL Server Failover Cluster Instance in Azure

A step-by-step guide to deploying, configuring, and testing a multi-AZ, multi-region SQL Server FCI in the Azure cloud, complete with a PowerShell script that handles the networking configuration.
Bleeping Computer

Hackers steal data of 2 million in SQL injection, XSS attacks

A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site ...
SecurityWeek

Millions of User Records Stolen From 65 Websites via SQL Injection Attacks

Between November and December 2023, a threat actor successfully stole more than two million email addresses and other personal information from at least 65 websites, threat intelligence firm Group-IB ...