Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation ...
Wall Street Journal

The AI Splurge Is Costing Big Tech Its Workforce

WSJ’s Asa Fitch explains why investors appear skittish about increased AI spending at Tesla, and what it might mean for Elon Musk. Photo: Sherry Fan Tech companies are rushing to trade their people ...