The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

ProFTPD: Code injection via mod_sql possible

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead ...
Dark Reading

AI Finds 38 Security Flaws in Electronic Health Record Platform

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
Opinion
Virtualization ReviewOpinion

License to Thrill ... Meet Agent 365

Microsoft 365 E7 bundles Copilot, the Entra Suite, and the full Defender and Purview protection suites -- and with it, Agent 365 gives IT admins comprehensive control over AI agent discovery, ...

Indirect Prompt Injection Is Now a Real-World AI Security Threat

AI agents are now being weaponized through prompt injection, exposing why model guardrails are not enough to protect ...
SecurityWeek

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure

Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
Healio

Headline News

DENVER — In patients with low to moderate myopia, smoking was found to be a risk factor for vision impairment, according to a poster presentation at the Association for Research in Vision and ...