latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...
The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...

They Bought a Famous Puzzle in Cryptography. Now They’re Opening It Up.

A San Francisco company paid nearly $1 million for the solution to an unsolved code in Kryptos, a sculpture on the C.I.A.

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...
SecurityWeek

OpenSSL Patches High-Severity Vulnerability Found With AI

The latest OpenSSL releases patch 18 vulnerabilities, including a high-severity issue that could allow remote code execution.
Decrypt

OpenAI Wants to Kill the Chatbot It Invented and Turn It Into a Superapp

The company that launched ChatGPT in 2022 is now betting its future on something closer to WeChat than a Q&A box.
The Hacker News

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

An AI-driven worm using a local open-weight LLM autonomously exploited and replicated across 62% of a 33-host test network in ...
Tech Times

Agentic AI Security Alarm at Infosecurity Europe: Free LLM Now Powers Adaptive Worm

Agentic AI security dominated Infosecurity Europe 2026 as Toronto researchers proved a free open-weight AI worm can ...
Dark Reading

Rust-Written IronWorm Hits NPM Supply Chain

A newly discovered malware campaign targeting the open source software ecosystem underscores how rapidly supply chain threats are evolving. The campaign, which JFrog has dubbed "IronWorm," targets ...
Meduza

Russia’s federal censor denies blocking Python’s package index as developers scramble for workarounds

On Monday, Russian users found they could no longer reach PyPI, the package repository that Python developers rely on for ...
9to5Mac

iOS 26.5 gave Messages app encrypted RCS, here’s how to check it’s working

One of the many benefits of using iMessage is that you know your conversations are always end-to-end encrypted. That level of security has never previously extended to green bubble conversations. But ...