This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
Dark Reading

ChatGPT's Memory Feature Supercharges Prompt Injection

That's according to researchers from Radware, who have created a new exploit chain it calls "ZombieAgent," which demonstrates ...

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do ...

Ask An SEO: Can AI Systems & LLMs Render JavaScript To Read ‘Hidden’ Content?

What are the differences between how AI systems handle JavaScript-rendered or interactively hidden content compared to ...
The Hacker News

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian-linked APT28 ran credential-harvesting attacks in 2025 using fake Microsoft, Google, and VPN login pages, PDF lures, ...