In 2024, SQL injection remains the #3 web vulnerability in the OWASP Top 10, with 32% of all web app breaches traced to unpatched injection flaws. Yet most developers can’t explain how their go-to scanners actually detect it—until now. 📡 Hacker News Top Stories Right Now Localsend: An open-source cross-platform alternative to AirDrop (226 points) Microsoft VibeVoice: Open-Source Frontier Voice AI (103 points) Show HN: Live Sun and Moon Dashboard with NASA Footage (15 points) The World's Most Complex Machine (187 points) Talkie: a 13B vintage language model from 1930 (482 points) Key Insights OWASP ZAP 2.15 detects 94% of SQLi payloads in the SQLMap test suite, vs 97% for Burp Suite 2024.6 in identical benchmark runs ZAP 2.15’s passive scanner adds 0.2ms overhead per request, while Burp’s active scanner consumes 4x more memory per concurrent scan Self-hosted ZAP scans cost $0.02 per 10k requests, compared to $0.89 for Burp Suite Enterprise per equivalent scan volume By 2025, 60% of SQLi detection will shift…