Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...
Look to these key metrics and benchmarks to evaluate the performance, capability, reliability, and safety of your AI models ...
Prompt injection is the technique of smuggling instructions to an AI agent through content the agent reads — a document, a calendar invite, a web page, a code comment — so that hostile text carries ...
AI paid compared to those with little or none, per the IBM Cost of a Data Breach Report 2025. The same IBM 2025 research found that 13% of organizations had already suffered a breach of an AI model or ...
Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...
Veil Armor is an enterprise-grade security framework for Large Language Models (LLMs) that provides multi-layered protection against prompt injections, jailbreaks, PII leakage, and sophisticated ...
An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...
A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...
Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results