Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by ...

In today's security landscape, some of the most dangerous vulnerabilities aren't flagged by automated scanners at all. These ...

TL;DR AI risk doesn’t live in the model. It lives in the APIs behind it. Every AI interaction triggers a chain of API calls across your environment. Many of those APIs aren’t documented or tracked.

Learn how protecting software reduces breaches, downtime, and data exposure. Includes common threats like injection, XSS, and weak access.

A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of internet facing systems at risk. Yet another critical flaw in a Fortinet ...

The issue allows attackers to inject SQL queries and extract sensitive information from the database. A vulnerability in the Ally WordPress plugin, which is designed for adding accessibility features ...

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries. The ...

Abstract: Large language models (LLMs) are being woven into software systems at a remarkable pace. When these systems include a back-end database, LLM integration opens new attack surfaces for SQL ...

Prompt injection vulnerabilities may never be fully mitigated as a category and network defenders should instead focus on ways to reduce their impact, government security experts have warned. Then ...