TECH NEWS

Hackers Targeted PraisonAI Vulnerability Hours After Disclosure

Exploitation attempts targeting a recent authentication bypass vulnerability in PraisonAI started less than four hours after public disclosure, application protection firm Sysdig warns.

PraisonAI is a multi-agent framework that allows organizations to deploy autonomous AI agents for the execution of complex tasks.

Tracked as CVE-2026-44338, the newly disclosed security defect exists because PraisonAI versions 2.5.6 to 4.6.33 shipped with a legacy Flask API server that had authentication disabled by default.

“When that server is used, any caller that can reach it can access /agents and trigger the configured agents.yaml workflow through /chat without providing a token,” a NIST advisory reads.

With authentication disabled, /agents returns the configured agent metadata, while /chat accepts any JSON body with a message key and executes the agents.yaml workflow, ignoring the message value.

“Within three hours and 44 minutes of the advisory becoming public, a scanner identifying itself as CVE-Detector/1.0 was probing the exact...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

https://image.theregister.com/257741.jpg?imageId=257741&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

Google Cloud suspended major customer Railway.com without cause, causing outage

This is the service we get when we spend $10m plus? asks automated code deployment outfit PaaS platform Railway says Google temporarily suspended its account on Wednesday without cause, inducing a major outage. Railway automates code deployment by taking a GitHub repo and doing all the work needed to get

https://www.techtarget.com/visuals/LeMagIT/hero_article/Cybersecurity_search_AdobeStock_1884692525-hero.jpg

What CISOs need to know about AI audit logs | TechTarget

AI is reshaping the application landscape, seemingly overnight. A recent Google Cloud survey of 3,466 senior business leaders found 77% of organizations are increasing spending on generative AI, with the vast majority already reporting ROI on at least one GenAI use case. More than half have also deployed agentic

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iP5Ca8JA715s/v0/1200x800.jpg

Samsung Electronics rejects a labor union-accepted mediation proposal, raising the prospect of a workers' strike; a general work stoppage will proceed on May 21

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data

https://cdn1.expresscomputer.in/wp-content/uploads/2026/05/20094746/EC_Dr_Satya_Ramaswamy_CDO_CTO_Air_India_750.jpg

140 systems, 30 AI initiatives, 2-years: Inside Air India’s digital reinvention

As India’s aviation industry is undergoing one of its most ambitious reinventions, Air India’s transformation stands out for its scale, speed, and operational complexity. In less than three years, the airline has modernised more than 140 enterprise systems, migrated to a 100% cloud-native infrastructure, launched award-winning digital consumer

Read more

Google Cloud suspended major customer Railway.com without cause, causing outage

What CISOs need to know about AI audit logs | TechTarget

Samsung Electronics rejects a labor union-accepted mediation proposal, raising the prospect of a workers' strike; a general work stoppage will proceed on May 21

140 systems, 30 AI initiatives, 2-years: Inside Air India’s digital reinvention