The Hacker News

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.

LangChain framework hit by several worrying security issues — here's what we know

LangChain and LangGraph have patched three high-severity and critical bugs.
InfoWorld

Local-first browser data gets real

Wasm, PGlite, OPFS, and other new tech bring robust data storage to the browser, Electrobun brings Bun to desktop apps, ...

RxDB 17: Sync without server, access for AI agents

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...

New Password Stealer Bypasses 2FA—Chrome, Edge And Firefox Targeted

This new Storm attack platform can exfiltrate passwords and session data, enabling 2FA bypass. Google Chrome, Microsoft Edge ...

Mozilla introduces cq, describing it as 'Stack Overflow for agents'

Mozilla is building cq - described by staff engineer Peter Wilson as "Stack Overflow for agents" - as an open source project ...
Developer Tech

Isolating dynamic AI agent code execution with Cloudflare’s API

Securing dynamic AI agent code execution requires true workload isolation—a challenge Cloudflare’s new API was built to solve ...
CMSWire

Meet EmDash, the Cloudflare CMS and WordPress 'Spiritual Successor'

Cloudflare created an open-source CMS it calls a "spiritual successor to WordPress" — but WordPress is having none of it.
Infosecurity Magazine

New 'Storm' Infostealer Remotely Decrypts Stolen Credentials

Security researchers at Varonis have uncovered a new information stealer malware (infostealer) strain that harvests browser ...