heise online

Script Injection and Data Theft: Python Data Analysis Tool Compromised

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary advises an immediate update. An attacker uploaded a manipulated version 0.23.3 ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
pharmaphorum

mHealth Monthly Mashup: release 12.0 – pharma dips its toes into mobile health with broad array of apps

Michael Spitz explores mobile health apps created by pharmaceutical companies. According to a new survey of pharmaceutical executives conducted by KPMG, 36% plan on using mobile health to gain ...
GitHub

indirect-prompt-injection

AgentForensics is an open-source security framework that monitors complete LLM agent sessions in real time, detecting prompt injection attacks across tool outputs, web pages, documents, and API ...