SecurityWeek

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure

Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by ...
Security Boulevard

The Invisible Threat: Business Logic Flaws in Modern Applications and Why Scanners Miss Them

In today's security landscape, some of the most dangerous vulnerabilities aren't flagged by automated scanners at all. These ...
Computer Weekly

April Patch Tuesday brings zero-days in Defender, SharePoint Server

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid a total of over 160 distinct issues, and almost 250 accounting for ...
CSOonline

Fortinet hit by another exploited cybersecurity flaw

A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of internet facing systems at risk. Yet another critical flaw in a Fortinet ...
SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

The issue allows attackers to inject SQL queries and extract sensitive information from the database. A vulnerability in the Ally WordPress plugin, which is designed for adding accessibility features ...
GameSpot

Resident Evil Movie Script Reportedly Leaks, And It's Shocking Some People

GameSpot may get a commission from retail offers. When Barbarian and Weapons director Zach Cregger signed on to helm the next Resident Evil movie, it was described as "a revamp that will take the ...
The New York Times

F.T.C. Settles With Express Scripts Over High Insulin Prices

The Trump administration announced that the company, a pharmacy benefit manager, had agreed to make significant changes to its practices. By Rebecca Robbins and Reed Abelson The reporters have ...
Infosecurity-magazine.com

SQL Injection Flaw Affects 40,000 WordPress Sites

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries. The ...
IEEE

SQL Injection in LLM-Generated Queries: Systematic Analysis of Detection Gaps and Security Risks

Abstract: Large language models (LLMs) are being woven into software systems at a remarkable pace. When these systems include a back-end database, LLM integration opens new attack surfaces for SQL ...
IEEE

A Hybrid Deep Learning Model for SQL Injection Attack Detection

Abstract: An increasing number of web application services raises significant security concerns. Online access to these applications exposes them to multiple cyberattacks. The Open Web Application ...