Simon Willison’s Weblog

2nd May 2008 - Link Blog

How one site dealt with SQL injection attack (via) Horrifying story of developer incompetence from Autoweb: “The contractor had no idea how to find and fix the Web page vulnerability that allowed the SQL injection attack code to execute successfully.”

Posted 2nd May 2008 at 9:01 pm

Recent articles

The Axios supply chain attack used individually targeted social engineering - 3rd April 2026
Highlights from my conversation about agentic engineering on Lenny's Podcast - 2nd April 2026
Mr. Chatterbox is a (weak) Victorian-era ethically trained model you can run on your own computer - 30th March 2026

This is a link post by Simon Willison, posted on 2nd May 2008.

autoweb 1 incompetence 1 security 594 sql-injection 18

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe