Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
IEEE

A Survey of SQL Injection Attacks, Their Methods, and Prevention Techniques

Abstract: The vast majority of web applications' databases are vulnerable to SQL Query Injection Attacks, which let clients directly insert sensitive data. They carry out their operations by inserting ...
IEEE

Feature Fusion-Based Detection of SQL Injection and XSS Attacks

Abstract: With the rapid development of the internet, network security issues are becoming increasingly severe. SQL injection attacks and XSS attacks are two common network attack methods that pose ...
TechJuice

This Popular AI Tool Was Hacked in Just 36 Hours (Here’s What Attackers Stole)

A critical pre-authentication SQL injection vulnerability in BerriAI’s LiteLLM Python package came under active exploitation ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
GitHub

Buzur — AI Prompt Injection Defense Scanner (Python)

Buzur is an open-source 19-phase scanner that protects AI agents and LLM applications from indirect prompt injection attacks (OWASP LLM Top 10 #1). It inspects web content, URLs, images ...
GitHub

Modern Web Vulnerability Scanner

A comprehensive CLI-based web penetration testing tool with 17 detection modules, 323+ payloads, async crawling, deep endpoint discovery, subdomain enumeration, and false-positive reduction. Inspired ...
marktechpost

An Implementation Guide to Building a DuckDB-Python Analytics Pipeline with SQL, DataFrames, Parquet, UDFs, and Performance Profiling

In this tutorial, we build a comprehensive, hands-on understanding of DuckDB-Python by working through its features directly in code on Colab. We start with the fundamentals of connection management ...