The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
BizTech

A Guide to Combatting SQL Injection Attacks

SQL injection attacks are among the oldest exploits against web applications, dating back more than a decade. Sadly, despite the fact that it is fairly easy to defend against these injection attacks, ...

ProFTPD: Code injection via mod_sql possible

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead ...
Dark Reading

AI Finds 38 Security Flaws in Electronic Health Record Platform

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...

Why Application Security Now Shapes Everyday Digital Trust

Learn how protecting software reduces breaches, downtime, and data exposure. Includes common threats like injection, XSS, and weak access.
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
Security Boulevard

Why API Discovery Is the First Step to Securing AI

TL;DR AI risk doesn’t live in the model. It lives in the APIs behind it. Every AI interaction triggers a chain of API calls across your environment. Many of those APIs aren’t documented or tracked.

Can peptide injections help people recover from injuries? Here’s what you need to know

It’s tough to avoid the current hype about the health benefits of injecting peptides. Although these substances – essentially ...