Tag: AI Security
Open Source Toolkit Automates Bug Bounty Workflows with Local AI Models
BugHunter allows security researchers to run vulnerability testing and generate submission ready reports from a single terminal command using free…
Active Exploitation of Langflow File Write Bug Enables Remote Code Execution
Attackers are exploiting an unpatched path traversal vulnerability in the Langflow AI development platform that allows unauthenticated remote code execution…
LiteLLM Vulnerability Actively Exploited in Attacks Leading to Full System Takeover
Attackers are chaining a LiteLLM command injection flaw with a Starlette authentication bypass to compromise AI gateway deployments without needing…
Red Team Rollout of Anthropic AI Model Hits Early Security Snag
A restricted security evaluation of Anthropic's next generation AI model was disrupted when unauthorized API access was resold through a…
OpenAI Rolls Out ChatGPT Lockdown Mode to Block Data Theft Via Prompt Injection
OpenAI's Lockdown Mode blocks the data exfiltration step of prompt injection attacks by restricting outbound network requests and disabling several…
Flaw in AI Library Allows Code to Be Hidden in Model Files
A new exploit in the widely used Transformers library lets attackers execute code by uploading malicious model files that appear…
Anthropic Fixes Claude Code GitHub Action Flaw Allowing Remote Repository Takeover
A permission bypass in the Claude Code GitHub Action let attackers inject malicious prompts through GitHub issues to steal repository…
AI Red Team Framework HexStrike v6.0 Bundles 127 Security Tools with Payload Evasion Engine
HexStrike v6.0 turns Claude and GPT into autonomous red team operators with 127 tools and a multilayered antivirus evasion engine…