The biggest mistake people make when trying to get their ChatGPT API key is that they use the wrong URL. The key can't be found at chatgpt.com. Instead, point your browser to the OpenAI developer ...

A critical pre-authentication SQL injection vulnerability in BerriAI’s LiteLLM Python package came under active exploitation ...

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by ...

The post How Escape AI Pentesting Exploited SSRF in LiteLLM appeared first on Escape – Application Security & Offensive ...

What began as a routine staging task for a SaaS startup ended in a disaster that  would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a ...

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

A severe vulnerability in the AI-powered development tool Cursor allows installed extensions to access locally stored API keys and session tokens without user action, according to LayerX researchers.

As agents are given permission to handle provisioning, billing, and deployment, enterprises face new challenges around ...

Crane, the founder of automotive SaaS platform PocketOS, spent the weekend recovering from a data extinction event caused by the company's AI coding agent in less than 10 seconds.  Not one to let a ...

Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...