Hackers Targeted PraisonAI Vulnerability Hours After Disclosure
The first exploitation attempts were observed less than four hours after the authentication bypass was publicly disclosed. The post Hackers Targeted PraisonAI Vulnerability Hours After Disclosure appeared first on SecurityWeek.
Exploitation attempts targeting a recent authentication bypass vulnerability in PraisonAI started less than four hours after public disclosure, application protection firm Sysdig warns.
PraisonAI is a multi-agent framework that allows organizations to deploy autonomous AI agents for the execution of complex tasks.
Tracked as CVE-2026-44338, the newly disclosed security defect exists because PraisonAI versions 2.5.6 to 4.6.33 shipped with a legacy Flask API server that had authentication disabled by default.
Source: https://www.securityweek.com/hackers-targeted-praisonai-vulnerability-hours-after-disclosure/
Related breach coverage
- Fortinet, Ivanti Patch Critical Vulnerabilities2026-05-13
Successful exploitation of these flaws could lead to arbitrary code execution and information disclosure. The post Fortinet, Ivanti Patch Critical Vulnerabilities appeared first on SecurityWeek.
- Researcher Drops YellowKey, GreenPlasma Windows Zero-Days2026-05-14
YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System. The post Researcher Drops YellowKey, GreenPlasma Windows Zero-Days appeared first on SecurityWeek.
- High-Severity Vulnerability Patched in VMware Fusion2026-05-14
The patch was announced as Broadcom is attending the Pwn2Own hacking competition in Berlin this week. The post High-Severity Vulnerability Patched in VMware Fusion appeared first on SecurityWeek.
- Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises2026-05-13
CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”. The post Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises appeared first on SecurityWeek.