Breach Security has released their annual Web Hacking Incidents Database (WHID) report. The focus is on the massive SQL Injection (SQLi) attacks seen online last year, and according to the data, more than 500,000 sites were compromised. The report states that SQLi attacks, with the aim of planting Malware on a compromised site, were the number one vector of attack in 2008.
Another interesting aspect of the report centers on the site defacements seen in 2008.
Source: Tech Herald