7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
Tech Times

GitHub Copilot CLI Adds Pre-Commit Security Scanner: LLM Inference at the Detection Layer

GitHub Copilot security scanning arrives in the terminal with /security-review, an experimental pre-commit slash command that ...

Coempt gave CBSE cyber certificates that were expired, tied to other client

The cybersecurity certificates submitted to CBSE for its OSM platform were outdated and covered a different client's deployment, raising questions on the platform's actual security. | India News ...
IBTimes UK

Instagram Hackers Bypass Two-Factor Authentication Using 'Flawed' Meta AI Support System to Steal Rare Verified Accounts

Attackers did not crack a password, intercept a verification code or breach a single server; they simply asked Meta's own AI to hand over the keys. A critical logical flaw in Meta's AI-powered ...
techtimes

Shannon Lite v1.2.0 on Claude Opus 4.7: Anthropic’s New Cyber Safeguards Require Pentesters to Enroll Before Scans

Shannon Lite, the autonomous white-box penetration testing tool built by San Francisco-based Keygraph, shipped version 1.2.0 on May 6, 2026, upgrading its underlying model from Claude Opus 4.6 to ...
ZDNet

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

As AI adoption speeds ahead, major security flaws remain unsolved. Users and businesses should stay up to date on vulnerabilities. These four major issues still plague AI integration. AI systems are ...
Dark Reading

AI Agents Undermine Progress in Browser Security

Browser security is far from perfect, but technologists and cybersecurity researchers have built a security model that, for the most part, works. However, artificial intelligence (AI) agents could be ...
VentureBeat

The 11 runtime attacks breaking AI security — and how CISOs are stopping them

Enterprise security teams are losing ground to AI-enabled attacks — not because defenses are weak, but because the threat model has shifted. As AI agents move into production, attackers are exploiting ...
TechRadar

Prompt injection attacks might 'never be properly mitigated' UK NCSC warns

But, SQL injection was ultimately better understood, and new safeguards became standard. For LLMs, developers should treat them as “inherently confusable deputies”, and thus design systems that limit ...
Krebs on Security

The Cloudflare Outage May Be a Security Roadmap

An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform ...
Cloud Security Alliance

Evaluating PyRIT for Agentic AI Red Teaming

Evaluate the effectiveness of Microsoft’s Python Risk Identification Toolkit (PyRIT) for agentic AI red teaming. Address evolving autonomous AI system threats.
GitHub

Skills Assessment - SQL Injection Fundamentals

This report presents the findings from a comprehensive web application security assessment conducted for Inlanefreight. The assessment focused on identifying SQL injection vulnerabilities within a ...