CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead ...

SQL injection attacks are among the oldest exploits against web applications, dating back more than a decade. Sadly, despite the fact that it is fairly easy to defend against these injection attacks, ...

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...

TL;DR AI risk doesn’t live in the model. It lives in the APIs behind it. Every AI interaction triggers a chain of API calls across your environment. Many of those APIs aren’t documented or tracked.

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...

Microsoft 365 E7 bundles Copilot, the Entra Suite, and the full Defender and Purview protection suites -- and with it, Agent 365 gives IT admins comprehensive control over AI agent discovery, ...

At Microsoft Build, SQL Server 2025 enters public preview with major enhancements in AI integration, performance, reliability and developer tools -- reaffirming Microsoft’s continued investment in its ...

At today's kickoff for Microsoft Ignite, the company announced that SQL Server 2025 is finally coming. No timing was announced for the release, but based on prior versions, I would expect to see a ...