InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...

Browser extension malware infected 8.8M users in DarkSpectre attack

Browser extensions turned malicious after years of legitimate operation in DarkSpectre campaign affecting millions. The ...
The Hacker News

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Security researchers found two Chrome extensions with 900,000 installs secretly collecting ChatGPT and DeepSeek chats and ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...