A well known hacking group "Nullcrew" once again most active hacking group right now. Dumping database from number of websites daily. Their latest target was World Health Organization (WHO) website.
Well, World Health Organization website (who.int) need treatment now, because their admin panel credentials are leaked on internet by hacking crew.
Hacker also disclose the Vulnerable link and Vulnerability type was Sql injection. SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organizations. It is perhaps one of the most common application layer attack techniques used today.
It is the type of attack that takes advantage of improper coding of your web applications that allows hacker to inject SQL commands into say a login form to allow them to gain access to the data held within your database.
Web application security is much more challenging than infrastructure. The top Web application vulnerabilities occur and re-occur time and again. According to survey results, only 51 percent of organizations currently have coders conduct security testing, and only 40 percent of organizations report they test during development. Vulnerabilities like these fall often outside the traditional expertise of network security managers.
To help you understand how to minimize these risks, Qualys provides this guide "Web Application Security; How to Minimize Prevalent Risk of Attacks" as a primer to web application security.