The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

ProFTPD: Code injection via mod_sql possible

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead ...
Dark Reading

AI Finds 38 Security Flaws in Electronic Health Record Platform

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...
Security Boulevard

Why API Discovery Is the First Step to Securing AI

TL;DR AI risk doesn’t live in the model. It lives in the APIs behind it. Every AI interaction triggers a chain of API calls across your environment. Many of those APIs aren’t documented or tracked.

Can peptide injections help people recover from injuries? Here’s what you need to know

It’s tough to avoid the current hype about the health benefits of injecting peptides. Although these substances – essentially ...
Redmond Magazine

Why Microsoft Is Still Betting Big on SQL Server in a Cloud-First World

Microsoft's continued focus on SQL Server 2025 highlights the lasting demand for on-premises and hybrid deployments that prioritize performance, control and flexibility for enterprise workloads. In ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...