From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
Infosecurity Magazine

Cursor Extension Flaw Exposes Developer API Keys

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by ...
Hosted on MSN

Level up SharePoint authentication with MSAL integration

Developers are increasingly adopting Microsoft Authentication Library (MSAL) for stronger, more flexible authentication in SharePoint Framework (SPFx) solutions. This enables secure token handling, ...
The Security Ledger

How Claude Planted Malicious Code In A Crypto-Trading App

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
Security Info Watch

Integration Goes to Zero

Autonomous AI agents are handing systems integrators a capability that vendors never could: the power to roll your own ...
The Herald-Mail

Salt Security Research: As AI Agents Outpace Security, Most Organizations Face an Unsecured API Surge

PALO ALTO, CA, UNITED STATES, April 8, 2026 /EINPresswire.com/ — The latest State of AI and API Security Report Finds Almost Half of Organizations Have Delayed AI ...