A severe vulnerability in the AI-powered development tool Cursor allows installed extensions to access locally stored API keys and session tokens without user action, according to LayerX researchers.

The biggest mistake people make when trying to get their ChatGPT API key is that they use the wrong URL. The key can't be found at chatgpt.com. Instead, point your browser to the OpenAI developer ...

A critical pre-authentication SQL injection vulnerability in BerriAI’s LiteLLM Python package came under active exploitation ...

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

What began as a routine staging task for a SaaS startup ended in a disaster that  would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a ...

Visualping, the world’s leading website change detection platform used by teams at 85% of Fortune 500 companies, has ...

SINGAPORE, SINGAPORE, SINGAPORE, April 17, 2026 /EINPresswire.com/ -- Singapore, April 17, 2026 – In 2026, enterprises ...

Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...

Visualping, the world's leading website change detection platform used by teams at 85% of Fortune 500 companies, has ...

Vercel confirms a security incident after a threat actor claims internal access and demands a $2M ransom, raising concerns about API keys, CI/CD pipelines, and cloud security.

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects ...