The Register on MSN

Attackers finally get around to exploiting critical Microsoft bug from 2024

As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being ...

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.
IEEE

DaMiT-SQL: Detecting and Mitigating Text-to-SQL Prompt Injection Attacks

Abstract: Large Language Models (LLMs) are known for their ability to understand and respond to human instructions/prompts. As such, LLMs can be used to produce natural language interfaces for ...
IEEE

SQL Injection in LLM-Generated Queries: Systematic Analysis of Detection Gaps and Security Risks

Abstract: Large language models (LLMs) are being woven into software systems at a remarkable pace. When these systems include a back-end database, LLM integration opens new attack surfaces for SQL ...