Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely ...
AI language models can be secretly trained to steal credentials when triggered by a specific phrase. Here's what the research shows, why safety training can't stop it, and where the $414M AI security ...
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, ...
LiteLLM does not forward all client headers to the LLM provider. Instead, it uses an allowlist approach — only headers matching specific rules are forwarded. This ensures sensitive headers (like your ...
Researchers at U.K.-based cybersecurity company Darktrace Holdings Ltd. today detailed a cloud intrusion in which a ...
The intrusion followed a familiar cloud attack playbook, but experts say the bigger concern is that AI gateways increasingly ...
The FBI warned that TeamPCP software supply chain attacks targeted developer tools to steal cloud credentials, SSH keys, and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results