Simon Willison’s Weblog

Mass Attack FAQ. Thousands of IIS Web servers have been infected with an automated mass XSS attack, not through a specific IIS vulnerability but using a universal XSS SQL query that targets SQL Server and modifies every text field to add the attack JavaScript. If an app has even a single SQL injection hole (and many do) it is likely to be compromised. 26th April 2008, 9:12 am

Django on IronPython. Dino Viehland demonstrated Django running on IronPython and SQL Server at PyCon. 17th March 2008, 4:05 pm