latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...
Bleeping Computer

CISA flags Windows Task Host vulnerability as exploited in attacks

CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers to gain SYSTEM privileges. Task Host is a core ...
Searchenginejournal.com

Vulnerabilities Discovered in Five WooCommerce WordPress Plugins

The U.S government National Vulnerability Database (NVD) published warnings of vulnerabilities in five WooCommerce WordPress plugins affecting over 135,000 installations. Many of the vulnerabilities ...
SiliconANGLE

Synopsys researchers uncover prompt injection vulnerability in EmailGPT

The emergence of generative artificial intelligence services has produced a steady increase in what is typically referred to as “prompt injection” hacks, manipulating large language models through ...
Bleeping Computer

Are Copilot prompt injection flaws vulnerabilities or AI limits?

Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security engineer in its Copilot AI assistant constitute security vulnerabilities. The ...
TechRepublic

Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America

Read the technical details about this zero-day MoveIT vulnerability, find out who is at risk, and learn how to detect and protect against this cybersecurity threat. The Cybersecurity & Infrastructure ...