The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...