7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
techtimes

AI Agent Security Hits Its Reckoning: Prompt Injection May Be a Permanent Flaw, Not a Patchable Bug

Prompt injection is the technique of smuggling instructions to an AI agent through content the agent reads — a document, a calendar invite, a web page, a code comment — so that hostile text carries ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation ...
Hosted on MSN

LangChain framework hit by several worrying security issues — here's what we know

LangChain and LangGraph patch three high-severity flaws exposing files, secrets, and conversation histories Vulnerabilities included path traversal, deserialization leaks, and SQL injection in SQLite ...
alleywatch.com

Concourse Raises $12M to Connect AI Agents Directly to Enterprise Financial Stacks

As enterprises race to embed AI into their operations, finance teams find themselves caught in a paradox: they need to move faster than ever to support business growth, yet 75% of their time is ...
GitHub

RedHawks-Cyber-Research/VulnerableCodes

Configure the SAST tool to scan the root of this directory. Identify vulnerabilities in the codebase (e.g., SQL injection, XSS, command injection, buffer overflows).
VentureBeat

Forrester: Gen AI is a chaos agent, models are wrong 60% of the time

The shark from Jaws attacked without warning, showing how an apex predator exploits chaos to create lethal, devastating harm on its prey. Now, Forrester says, gen AI has become that predator in the ...
theregister

Anthropic's Claude Code runs code to test if it is safe – which might be a big mistake

App security outfit Checkmarx says automated reviews in Anthropic's Claude Code can catch some bugs but miss others – and sometimes create new risks by executing code while testing it. Anthropic ...
Mashable

Just $35 gets you 18 ethical hacking courses you own forever

The following content is brought to you by Mashable partners. If you buy a product featured here, we may earn an affiliate commission or other compensation. Think like a hacker with this $35 18-course ...
cybernews

AI-generated code is functional, but not secure at all, researchers warn

AI coding assistants introduce too many security flaws and should be a wake-up call for the industry, security researchers from Veracode warn. More often than not, the code will be functional but ...
Analytics Insight

Best Programming Languages for Cybersecurity in 2025

Python remains the top choice for scripting, automation, and penetration testing in cybersecurity. Rust and Go are gaining traction for building secure, memory-safe, and high-performance systems. C ...