CISA added two actively exploited CVEs to KEV after confirmed attacks, mandating FCEB patching by May 12, 2026.
Get the latest international news and world events from around the world.
LiteLLM CVE-2026–42208 SQL Injection Exploited within 36 Hours of Disclosure
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI’s LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge.
The vulnerability, tracked as CVE-2026–42208 (CVSS score: 9.3), is an SQL injection that could be exploited to modify the underlying LiteLLM proxy database.
“A database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter,” LiteLLM maintainers said in an alert last week.
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files.
This known issue impacts all supported Windows versions, including Windows 11 (KB5083768 & KB5083769), Windows 10 (KB5082200), and Windows Server (KB5082063).
As Microsoft explains in updates to the original advisories, “the security warning that appears when opening Remote Desktop (RDP) files might not display correctly in some cases.”
Video service Vimeo confirms Anodot breach exposed user data
Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company.
The video platform says that the threat actor accessed email addresses for some of its customers, but most of the exposed information included technical data, video titles, and metadata.
“We have identified that, as a result of the Anodot breach, an unauthorized actor accessed certain Vimeo user and customer data. Our initial findings suggest that the databases accessed primarily contain technical data, video titles and metadata, and, in some cases, customer email addresses,” Vimeo states.
US reportedly charges Scattered Spider hacker arrested in Finland
A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific member of the notorious Scattered Spider hacking collective.
According to temporarily unsealed court records obtained by the Chicago Tribune, the suspect (who used the online alias “Bouquet”) helped extort millions of dollars from multiple large corporations worldwide.
The suspected Scattered Spider member, who was allegedly arrested by Finnish law enforcement at Helsinki’s airport on April 10 while attempting to board a flight to Japan, is facing wire fraud, conspiracy, and computer intrusion charges.
Caveolin-1 deficiency Improved Glucose Metabolism via Modulation of β-cell Autophagy on High-Fat-Diet Mice
New in JBC press.
Lipotoxicity caused β-cell mass decrease and impaired β-cell function in type 2 diabetes mellitus (T2DM). We previously reported that caveolin-1 (Cav-1) deficiency protected pancreatic β cells against palmitate (PA)-induced apoptosis and dysfunction in both NIT-1 cells and isolated islets. In this study, we firstly established inducible β-cell-specific Cav-1 knockout (iβ-Cav1 KO) mice model. Next, we investigated whether Cav-1 depletion in vitro or in vivo affected β-cell function and survival through the regulation of autophagy under lipotoxicity.
A New Way to View Shockwaves Could Boost Fusion Research
At the heart of our sun, fusion is unfolding. As hydrogen atoms merge to form helium, they emit energy, producing the heat and light that reach us here on Earth. Inspired by our nearby star, researchers want to create fusion closer to home. If they can crack the engineering challenges underlying the process, they would create an abundant new source of power to eclipse all others.
One of those challenges is understanding what happens at the smallest scales during fusion reactions so that researchers can better control the process. In one of the two main kinds of fusion, inertial confinement fusion (ICF), researchers bombard a fuel-filled capsule with lasers to create shockwaves and heat and compress the target, kicking off fusion. That means lots of complex interactions that scientists haven’t been able to get a good look at — until now.
A team of researchers used a new approach at the Department of Energy’s Lawrence Berkeley National Laboratory (Berkeley Lab) to watch how a shockwave moved through water in extreme detail, making a never-before-seen movie of how the material compressed and how the electric and magnetic fields evolved. They were intrigued to discover that water provided a good analog for what happens when a laser strikes an ICF target. Scientists captured the process using both X-rays and an electron beam, a unique dual view known as “multi-messenger” imaging.
