The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
HealthcareInfoSecurity

AI Agent Wipes Startup's Data in 9-Second API Call

A Claude Opus 4.6-powered coding agent erased three months of PocketOS production data in a single API call after misusing an ...

AI coding agent running Claude wiped a startup's database (and its backups) in 9 seconds

PocketOS, which provides software to car rental businesses, was using the agent against live infrastructure rather than ...