An exposed WP-SHELLSTORM server revealed tools, logs, cloud credentials, and thousands of webshells used in a large website ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human ...
A reverse shell gives an attacker interactive command-line access to a compromised machine by making the target reach out first. Instead of the attacker connecting inward to a listening port on the ...
If your team runs LiteLLM as an AI gateway, you have an urgent patch to ship. Obsidian Security published a LiteLLM vulnerability chain on June 15, 2026 that allows any low-privilege user on the proxy ...
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results