The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...

Pentera Labs warns vulnerable demo apps are being actively exploited in the wild

Moreover, many of the vulnerable apps are under active exploitation. About 20% of exposed instances contained artifacts ...
Dark Reading

'Damn Vulnerable' Training Apps Leave Vendors' Clouds Exposed

Hackers are already leveraging these over-permissioned programs to access the IT systems of major security vendors.