Apache Commons Text: Code injection vulnerability in older versions

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of ...
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...
eWeek

OpenAI Steps Up Security as ChatGPT Atlas Faces Ongoing Prompt Injection Threats

The AI firm has rolled out a new security update to Atlas’ browser agent after uncovering a new class of prompt injection ...
Bleeping Computer

CISA orders feds to patch actively exploited Geoserver flaw

CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks, an XML input containing a ...
Pharmabiz

Novo Nordisk files sNDA of semaglutide injection 7.2 mg with US FDA for approval to treat obesity

Novo Nordisk, a leading global healthcare company with a heritage of more than 100 years in diabetes care field, has announced the submission of an sNDA to the US Food and Drug Administration (FDA) ...