latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...
The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...
GitHub

Keenetic/Netcraze TProxy & Redirect with sing-box

sing-box excels due to its modularity and clean-slate architecture: its DNS stack enables complex configurations with minimal RAM overhead. In contrast, mihomo (Clash) prioritizes automation at the ...
GitHub

Envoy Proxy - Cloud Native Proxy and Gateway for Modern Services

Envoy Proxy helps developers manage service traffic with secure routing, observability, and resilient API delivery for modern cloud native apps. Download envoy proxy to build fast, secure, cloud ...
Ars Technica

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...
techtimes

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update on the morning of May 18, 2026. That single action handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of ...