Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208. The flaw is an SQL injection issue that occurs during LiteLLM’s proxy API key verification step. An attacker can exploit it without authentication by sending a specially crafted Authorization header to any LLM API route. This allows reading data from the proxy’s database and modifying it. According to the maintainer’s security advisory, threat actors could use it for “unauthorised access to the proxy and the credentials it manages.” A fix was delivered in LiteLLM version 1.83.7 to replace…
Author: admin
YouTube is testing “Ask YouTube,” a conversational search experience that returns AI-generated text summaries alongside cited videos and supports follow-up questions in a persistent thread. YouTube describes the feature on its Premium Early Access page as “a new way to search on YouTube that feels more like a conversation.” Users can ask complex questions, receive results that combine video and text, and ask follow-ups to dive deeper. How It Works After opting in to the experimental feature, An “Ask YouTube” button appears in the search bar. Screenshot from: YouTube, April 2026. When a query is submitted, the page briefly loads,…
Researchers at cloud security giant Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories. The vulnerability, tracked as CVE-2026-3854, affected the code-hosting platform’s internal Git infrastructure. It impacted both GitHub Enterprise Server and GitHub.com. “By exploiting an injection flaw in GitHub’s internal protocol, any authenticated user could execute arbitrary commands on GitHub’s backend servers with a single git push command – using nothing but a standard git client,” Wiz explained. According to the security firm, which discovered the issue using AI, exploitation is easy. In the case of GitHub Enterprise Server, an attacker can…
When tracking share of voice for marketing teams, it’s often assumed to be a vanity metric — a number executives like to include in board decks but one that rarely influences strategy. In practice, that assumption doesn’t hold up.
Dark Reading’s Becky Bracken: Hello everyone, and welcome to Dark Reading Confidential. It’s a podcast from the editors of Dark Reading, bringing you real-world stories straight from the cyber trenches. We have a really great conversation for you today. I am joined by Chris Inglis, who was the former NSA Deputy Director during the infamous Edward Snowden affair. So he is here 13 years on to unpack a little bit about what we’ve learned, and hopefully pass some of that knowledge on to our enterprise cybersecurity teams listening today. Welcome, Chris. Thank you so much for joining us.Chris Inglis: Pleasure…
One of the most dependable ways to grow organic visibility was to publish more content. Expanding into the long tail and creating pages around different variations of a topic often led to steady traffic growth. Many SEO teams still operate with this mindset. Content calendars are built around search volume targets, and growth is often equated with how much new content is produced. The problem is the results no longer reflect the effort. In many cases, adding more pages doesn’t lead to increased visibility and can even dilute overall performance. Large content libraries are harder to maintain, compete internally, and…
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). “The malware disguises itself as a Minecraft hack called ‘Slinky,'” Brazil-based cybersecurity company ZenoX said in a technical report. “It uses the official game icon to induce voluntary execution, exploiting the trust of young users in the gaming scene.” The activity has been attributed with high confidence to a threat actor known as LofyGang, which was observed leveraging typosquatted packages on the npm registry to push stealer malware in 2022, specifically…
A coordinated police operation in Switzerland has targeted suspected members of the Black Axe criminal network. On 28 April 2026, authorities carried out house searches across several Swiss cantons, leading to 10 arrests, including the Black Axe ‘Regional Head’ for Southern Europe. Most of those arrested are reported to be of Nigerian origin. The suspects are accused of numerous crimes, including romance scams, other cyber fraud offences causing millions of Swiss francs in damages, and money laundering. Officials describe Black Axe as “a highly structured, hierarchical group with a global presence.” “The criminal network is known for its involvement in…
OpenAI’s automated crawl activity is estimated to have roughly tripled after the launch of GPT-5, according to a new analysis from Botify and guest author Chris Long. In Botify’s dataset, OpenAI’s search crawler is now generating more log events than its training crawler. That’s a reversal from the period before GPT-5. Long, co-founder of the SEO consultancy Nectiv, analyzed roughly 7 billion OpenAI-bot log events from Botify’s enterprise client dataset spanning November 2024 through March 2026. What The Data Shows Two of the three OpenAI user agents Botify measured saw activity spike around the GPT-5 launch. OAI-SearchBot, which retrieves content…
Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypt them. VECT has been advertised on one of the latest BreachForums iterations, inviting registered users to become affiliates, and distributing access keys via private messages to those who showed interest. At some point, VECT operators announced a partnership with TeamPCP, the threat group responsible for the recent supply-chain attacks impacting Trivy, LiteLLM, and Telnyx, as well as an attack against the European Commission. In the announcement, VECT operators stated that their goal…