The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
Dark Reading

AI Finds 38 Security Flaws in Electronic Health Record Platform

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
Security Boulevard

The Future of AI Defense: Implementing Quantum-Resistant Cryptography for MCP

The post The Future of AI Defense: Implementing Quantum-Resistant Cryptography for MCP appeared first on Read the Gopher ...
Security Boulevard

Post-Quantum AI Infrastructure Security: Protecting MCP Deployments in 2026

The post Post-Quantum AI Infrastructure Security: Protecting MCP Deployments in 2026 appeared first on Read the Gopher Security's Quantum Safety Blog.
SecurityWeek

Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google

Google has analyzed AI indirect prompt injection attempts involving sites on the public web and noticed an increase in ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in "Sorry" ...

New cPanel patch addresses CRLF injection flaw that could grant root server access

The vulnerability has been given a severity score of 9,8, and administrators should patch immediately.