A critical pre-authentication SQL injection vulnerability in BerriAI’s LiteLLM Python package came under active exploitation ...

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

People hacking branded AI bots can result in significant reputational, financial, and legal consequences. There appears to be ...

Anthropic fixed a significant vulnerability in Claude Code's handling of memories, but experts caution that memory files will ...

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

As AI agents increasingly rely on third-party API routers, criminals are using this dependence to trick users and inject malicious code into their machines.

OpenClaw is AI assistant designed to perform tasks like booking flights, managing emails. The craze, risks to Beijing's tech plans, News18 explains ...