InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote code execution on enterprise AI backends. Security researchers have ...
SiliconANGLE

Sysdig detects AI-assisted malware exploiting Open WebUI misconfigurations

A new report out today from cloud-native application security firm Sysdig Inc. details one of the first instances of a large language model being weaponized in an active malware campaign. Discovered ...
Infosecurity-magazine.com

High-Severity Flaw in Open WebUI Affects AI Connections

A high-severity security vulnerability affecting Open WebUI has been uncovered, potentially exposing users to account takeover (ATO) and, in some cases, full server compromise. The flaw, tracked as ...