The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Coempt gave CBSE cyber certificates that were expired, tied to other client

The cybersecurity certificates submitted to CBSE for its OSM platform were outdated and covered a different client's deployment, raising questions on the platform's actual security.
RCR Wireless NewsOpinion

At-scale testing for LLM implementations and guardrails (Reader Forum)

As AI becomes the public face of business, organizations must validate performance, security, and cost efficiency at scale.
Newspoint on MSN

CBSE accepted fake security certificate for exam platform

Hyderabad: The cybersecurity certificates that the Central Board of Secondary Education (CBSE) accepted as proof that its ...
The Hacker News

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Three patched LangGraph flaws could let attackers chain SQL injection and unsafe deserialization for RCE in self-hosted ...
Hackaday

sql injection

Web systems are designed to be simple and reliable. Designing for the everyday person is the goal, but if you don’t consider the odd man out, they may encounter some problems. This is the everyday ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Dark Reading

Application Security

Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
Cyber Wire

Cybersecurity Terms

Terms often used in cybersecurity discussions and education, briefly defined. Your corrections, suggestions, and recommendations for additional entries are welcome: email the editor at editor@n2k.com.