The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
The Hacker News

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the ...
Computer Weekly

Microsoft patches zero-days in .NET and SQL Server

Two zero-day flaws in the form of a denial of service (DoS) issue in .NET and an elevation of privilege (EoP) issue in SQL Server top the agenda for security teams in Microsoft’s latest monthly Patch ...
WRDW

Challenges remain as S.C. alcohol server training deadline gets extension

SOCASTEE, S.C. - South Carolina servers and bartenders now have until May 1 to complete a newly required alcohol training exam, but workers say getting through the four-hour program comes with its own ...
Post and Courier

Bartenders, servers get extension for mandatory alcohol training needed under SC insurance reform

COLUMBIA — The S.C Department of Revenue is extending the deadline for the state’s hospitality workers to complete a new mandatory alcohol server training created under last year’s liquor liability ...
Infosecurity-magazine.com

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Researchers at OX Security have detected four vulnerabilities in three of the most popular integrated development environments (IDEs) that could lead to cyber-attacks. In a report published on ...
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Redmond Magazine

Restoring a Database to an Older Version of SQL Server

SQL Server backups cannot be restored to older versions directly. Use Export and Import Data-Tier Application for cross-version database migration. Reconfigure permissions, logins, and connection ...
IEEE

Protect Your Secrets: Understanding and Measuring Data Exposure in VSCode Extensions

Abstract: Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer ...
CoinDesk

Trust Wallet users lose $7 million to hacked Chrome extension

Trust Wallet users lost more than $7 million shortly after it released an updated version of its extension for the Chrome web browser. The stolen funds will be reimbursed, said Changpeng Zhao, a ...
Redmond Magazine

Microsoft Ignite 2025: SQL Server 2025 Is Here

With the official release of Microsoft's latest database offering, let's see what was improved and what still needs some work. Today, at Ignite, Microsoft announced the general availability of SQL ...
CSOonline

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace review and entered the developer ecosystem. In a suspected test effort, ...