LangChain framework hit by several worrying security issues — here's what we know

LangChain and LangGraph have patched three high-severity and critical bugs.
The Hacker News

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.
eWeek

Claude Can Now Click, Type, and Work Across Your Desktop

Anthropic is giving Claude agentic control over the computer, letting it click, browse, open files, and carry out tasks ...
IEEE

SmartInject: Automated SQL Injection Testing Using Deep Q-Learning and LSTM-Based Payload ...

Abstract: SQL injection (SQLi) is still one of the prevalent cybersecurity threats that enable attackers to manipulate back-end databases via their vulnerable web applications. Traditional testing and ...
IEEE

A New Database Integrity Protection Approach Against SQL Injection Attacks (SQLIAs)

Abstract: SQL Injection Attacks (SQLIAs) are among the most significant and serious threats to web applications, empowering assailants to employ countless techniques in order to steal and/or tamper ...
The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security risks stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an ...

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.
GitHub

A dependency injection library for Python.

py-dependency-injection is inspired by the built-in dependency injection system in ASP.NET Core. It provides a lightweight and extensible way to manage dependencies in Python applications. By ...