ADVERTISEMENT

AI platform Dify, with 10 million installs, exposes users to one-click account takeover

Dify, a popular low-code AI application development platform with over 142,000 stars on GitHub, was found to contain critical vulnerabilities that allowed a one-click account takeover. Imperva researchers warn that AI tools are racing to add features without ensuring security.

one click account takeover

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
May 20, 2026 Updated: 21 May 2026 3 min read
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.
Common Vulnerability Scoring System (CVSS)
Image by Jne Valokuvaus | Shutterstock

One click to a complete compromise

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites
ADVERTISEMENT

Snooping private code

dify1
Image by Imperva.

Broader problems with AI platforms


ADVERTISEMENT