In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has …
Posted by Peter Gutmann on Apr 28 Jacob Bachmeyer writes: Not sure if this makes it better or worse, but I've found that Claude/Opus at least gives different answers for…
Posted by Jacob Bachmeyer on Apr 28 The biggest risk is parallel discovery. If an LLM can find a bug for a whitehat, it can do the same for a blackhat. You are correct h…
Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub st…
An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according…
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the…
Posted by Alan Coopersmith on Apr 28 No, you cc'ed oss-security, a public mailing list with public archives: https://www.openwall.com/lists/oss-security/2026/04/28/20 so…
Posted by Jacob Bachmeyer on Apr 28 Oops. The oss-security mailing list is public. If you want to do coordinated disclosure, you might want to avoid sending the initial …
Posted by Solar Designer on Apr 28 Thank you, Dmitry! FWIW, I've just checked that traceroute-2.1.1-1.el9.src.rpm also contains the "n -= hlen;" line where Mohamed propo…