ITWire

{JS-ON: Security-OFF}: Abusing JSON-based SQL to bypass WAF

GUEST RESEARCH: Web application firewalls (WAF) are designed to safeguard web-based applications and APIs from malicious external HTTPs traffic, most notably cross-site scripting and SQL injection ...
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
InfoWorld

Microsoft beefs up SQL Server 2025 for AI-driven applications

A public preview of SQL Server 2025 adds new vector capabilities already found in rival databases, along with JSON support and change event streaming. Microsoft is moving SQL Server 2025 into public ...