Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

Malware in an Open-Source Project Could Have Infected Thousands. The Twist? It Was Certified by Delve

McMahon wrote that the malware was likely vibe coded, and sloppily at that, leading to the so-called “fork bomb” that crashed ...

Silicon Valley’s two biggest dramas have intersected: LiteLLM and Delve

LiteLLM offers an AI open source project used by millions that was infected by credential harvesting malware.

A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know

Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by ...

Point Wild Releases Free LiteLLM Vulnerability Scanner Within 24 Hours of Supply Chain Attack

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...

Hackers are exploiting a vulnerability in lots of e-commerce sites

Magento and Adobe Commerce sites are affected, but a fix is in the works.