The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
The Hacker News

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ ...
Bleeping Computer

Telegram fixes Windows app zero-day used to launch Python scripts

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. Over the past few days, rumors have ...
Dark Reading

Open Source LLM Tool Sniffs Out Python Zero-Days

Researchers at Protect AI have released Vulnhuntr, a free, open source static code analyzer tool that can find zero-day vulnerabilities in Python codebases using Anthropic's Claude artificial ...
How-To Geek on MSN

Docker just rolled out a huge security upgrade

Docker containers often contain hundreds or thousands of utilities and libraries, which is great for quickly building and deploying server software, but can make security audits and vulnerability ...
WeLiveSecurity

Gripped by Python: 5 reasons why Python is popular among cybersecurity professionals

The Python programming language, born from the creative genius of Guido van Rossum as far back as some 35 years ago, has evolved into a crucial tool for professionals working in various areas, ...
Dark Reading

15-Year-Old Python Flaw Slithers into Software Worldwide

A 15-year-old flaw in the Python open source programming language has remained unpatched in many places, making its way into hundreds of thousands of both open source and closed source projects ...
CSO Online

Top 5 real-world AI security threats revealed in 2025

Security researchers uncovered a range of cyber issues targeting AI systems that users and developers should be aware of — ...