More than 50,000 webpages have been compromised in an SQL injection attack that has been dubbed Lizamoon. Security firm Websense Inc. has been tracking the attack since it first appeared on March 29.

SQL injection attacks work by placing commands written in the database manipulation language SQL (short for ) into, for example, the username field on a website’s login page. Incorrect handling of the ...

SQL injection attacks are on the rise, overall, since valuable data is held within databases, said Paul Davie, founder and chief operating officer of Secerno, a security vendor that develops ...

That attack was tailored to target Microsoft’s SQL Server. Correction: This story as originally posted incorrectly stated the nature of a mass SQL injection attack in January.