https://invaders.ie/resources/blog/cloud-and-application-security/cve-2026-42208-litellm-pre-auth-sqli-secrets-exposure Invaders Security en 2026-04-29T08:06:53.255Z CVE-2026-42208 turns exposed LiteLLM gateways into a secrets exposure risk CVE-2026-42208, LiteLLM SQL injection, LiteLLM pre-auth SQLi, AI gateway secrets exposure, LiteLLM active exploitation, LLM proxy API key risk https://invaders.ie/resources/blog/supply-chain-security/glassworm-openvsx-sleeper-extensions-malware-delivery Invaders Security en 2026-04-28T08:06:19.898Z GlassWorm sleeper extensions turn Open VSX updates into a malware delivery path GlassWorm Open VSX sleeper extensions, OpenVSX malicious extension update, developer supply chain malware, VSIX payload delivery, GitHub hosted extension malware, developer secrets theft