This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
Security Boulevard

Algorithmic Agility in MCP Server-Client Cryptographic Negotiation

Learn how to implement algorithmic agility and post-quantum cryptography in MCP server-client negotiations to secure AI infrastructure against future threats.
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
The Hacker News

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

AI-based VS Code forks recommended unclaimed extensions, allowing malicious uploads in Open VSX and risking developer systems ...
Infosecurity Magazine

High-Severity Flaw in Open WebUI Affects AI Connections

The flaw, tracked as CVE-2025-64496 and discovered by Cato Networks researchers, impacts Open WebUI versions 0.6.34 and older ...

Browser extension malware infected 8.8M users in DarkSpectre attack

Browser extensions turned malicious after years of legitimate operation in DarkSpectre campaign affecting millions. The ...