The Hacker News

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

An AI-driven worm using a local open-weight LLM autonomously exploited and replicated across 62% of a 33-host test network in ...
SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched a highly critical vulnerability that could allow threat actors to hack websites powered by the open source content management system (CMS). The developers of the CMS had alerted ...
CSOonline

Drupal admins rushing to patch maximum severity SQL injection vulnerability

Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today to fix a “highly critical” SQL injection vulnerability in the application’s ...
ProPublica

Babies Are Bleeding to Death as Parents Reject a Vitamin Shot Given at Birth

ProPublica is a nonprofit newsroom that investigates abuses of power. Sign up for Dispatches, a newsletter that spotlights wrongdoing around the country, to receive our stories in your inbox every ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation ...
marktechpost

An Implementation Guide to Building a DuckDB-Python Analytics Pipeline with SQL, DataFrames, Parquet, UDFs, and Performance Profiling

In this tutorial, we build a comprehensive, hands-on understanding of DuckDB-Python by working through its features directly in code on Colab. We start with the fundamentals of connection management ...
CSOonline

Fortinet hit by another exploited cybersecurity flaw

A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of internet facing systems at risk. Yet another critical flaw in a Fortinet ...
PC Tech Magazine

Top 7 Courses for Professionals Moving into Data Analyst and BI Roles with Python, SQL, Power BI, and Tableau in 2026

Data work in 2026 asks for more than chart building. Professionals are expected to clean data, query databases, explain trends, and present findings clearly across business, finance, product, and ...
TechRepublic

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in. A vulnerability in a widely used WordPress ...
SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

The issue allows attackers to inject SQL queries and extract sensitive information from the database. A vulnerability in the Ally WordPress plugin, which is designed for adding accessibility features ...
Bleeping Computer

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...
Detroit Free Press

PointGuard AI Launches Advanced Guardrails to Prevent Indirect Prompt Injection Attacks

SAN JOSE, CA, UNITED STATES, March 4, 2026 /EINPresswire.com/ — PointGuard AI today announced the availability of Advanced Guardrails designed to prevent Indirect ...