7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...

Leak confirms OpenAI is testing a ChatGPT for Science subscription

OpenAI appears to be testing a new subscription and experience for science use cases, but it's unclear if it'll be available ...
MUO on MSN

I stopped juggling AI APIs and switched everything to one that actually works

I can use virtually every language, speech, image, and video model with one API key.

Meta-Harness for AI Agents: Databricks Releases Omnigent as Open Source

The Meta-Harness Omnigent combines AI agents like Claude Code and Codex under a common policy and collaboration layer – under ...

Vercel Brings New Agent Framework, Full-Stack Capabilities, and Enterprise Controls to Its Agentic Infrastructure Platform

As agents become the primary way software is built and deployed, Vercel connects its frontend, backend, and agent tooling ...
The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
Tech Times

AI Coding Agent Skills Library Gives Any Tool 51 Senior Engineer Personas

AI coding agent skills library claude-skills ships 345 free, MIT-licensed packages for Claude Code, Codex, Cursor, Gemini CLI ...
latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...
The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...
MUO on MSN

I stopped fighting LM Studio's model UI and switched to Ollama — setup took minutes instead of hours

Spend less time configuring and more time using AI.
Security Boulevard

Mercor’s 4TB Data Heist: When a Poisoned AI Library Exposed OpenAI and Meta’s Training Pipeline

A single poisoned Python package has produced the most consequential AI supply chain breach of 2026. On March 31, Mercor, a $10 billion AI training startup that recruits, vets, and pays the human ...
techtimes

Anthropic Ends Subscription Subsidy for Agents June 15: Credit Pool Replaces Flat-Rate Access

Thirteen days from now, any Claude subscriber who runs automated workflows through the Agent SDK, scripts claude -p commands, or depends on Claude Code in a continuous integration pipeline will wake ...