The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...
Security Boulevard

Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks

Researchers with Cyata and BlueRock uncovered vulnerabilities in MCP servers from Anthropic and Microsoft, feeding ongoing security worries about MCP and other agentic AI tools and their dual natures ...
Bleeping Computer

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...
The Register on MSN

AI framework flaws put enterprise clouds at risk of takeover

Update Chainlit to the latest version ASAP Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework ...
CSOonline

Commvault warns of critical Command Center flaw

Commvault is warning customers of a critical vulnerability affecting Command Center, a web-based management console for its data protection and backup offerings. The flaw, tracked as CV-2025-34028, ...
Dark Reading

Microsoft Patches 4 SSRF Flaws in Separate Azure Cloud Services

Microsoft has fixed vulnerabilities in four separate services of its Azure cloud platform, two of which could have allowed attackers to perform a server-side request forgery (SSRF) attack — and thus ...