SearchLeak and a three-CVE LiteLLM chain broke the same AI trust boundary in two weeks. A 5-check audit maps each gap to a ...
Four vulnerabilities allow attackers to exploit Dify, a platform for AI application building and management, to silently ...
Dify vulnerabilities named DifyTap allowed attackers to read private chats, preview private documents, and access internal ...
Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys and tokens.
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could ...