Vulnerabilities
Researcher Ammar Askar disclosed a one-click attack via VS Code's GitHub.dev that steals a GitHub OAuth token with read-write access to private repos. He published the PoC with about an hour's notice, blaming Microsoft's disclosure process.
Artificial Intelligence (AI)
SafeBreach researchers found that a single poisoned notification — from WhatsApp, Slack or SMS — could hijack Google Gemini's voice assistant on Android with no malicious app installed, reaching smart-home controls and poisoning the assistant's long-term memory. Google has patched it.
Vulnerabilities
Two more plugin RCEs are under active exploitation: Everest Forms Pro CVE-2026-3300 (CVSS 9.8), a PHP-injection flaw Wordfence has blocked tens of thousands of times, and Magento's Mirasvit Cache Warmer CVE-2026-45247 (CVSS 9.8), now added to CISA's KEV catalog.
Nation-State Cyber Threats
A joint Five Eyes advisory warns that Chinese intelligence officers, posing as recruiters and consultants for front companies, are using LinkedIn, Indeed and Upwork to recruit government, military and cleared personnel — and anyone with access to classified or privileged information.
Critical Infrastructure
CISA, the FBI, NSA, Department of Energy and other US agencies warn that hackers are targeting internet-exposed automatic tank gauge (ATG) systems that monitor fuel storage, modifying device settings via command execution. The fix: get them off the public internet.
Data Breaches
The UN World Food Programme says its self-registration application for Palestine was breached, exposing names, ID and mobile numbers and location data for roughly 600,000 Gaza households — potentially the largest-known breach of humanitarian beneficiary data to date.
Vulnerabilities
Researcher RyotaK of GMO Flatt Security found a flaw in Anthropic's Claude Code GitHub Action that let a single opened issue take over public repos running it. Anthropic fixed it within days (v1.0.94) and paid a bounty; the durable lesson is product-agnostic.
Artificial Intelligence
Anthropic is extending Project Glasswing — which uses its Claude Mythos model to find software flaws — to about 150 more organizations in 15-plus countries, most of them critical-infrastructure operators a major attack could each affect, the company estimates, 100 million-plus people.
Iranian Threat Actors
Recorded Future's Insikt Group says Iran's intelligence ministry has expanded its Handala hacking brand into an umbrella for hybrid operations — uniting cyber, physical and influence personas that recruit proxies, for cash, to attack, surveil and sabotage US and Israeli interests.
Malware
McAfee Labs says WeedHack, a free-to-start Minecraft malware-as-a-service, has infected over 116,000 systems since January via fake mods pushed on YouTube and through SEO poisoning — and some buyers are using its remote-access tools to spy on and harass other players.
Malware
Silent Push has named DriveSurge, a pay-per-install access broker that has quietly hijacked thousands of legitimate websites and routes their visitors — on both Windows and macOS — into ClickFix and fake-update malware lures using an off-the-shelf traffic distribution system.
Nation-State Cyber Threats
Seqrite Labs says the Pakistan-aligned group SideCopy likely ran Operation XENOFISCAL, a spear-phishing campaign that hit Afghanistan's Ministry of Finance and provincial finance offices with the open-source Xeno RAT, delivered through a Pashto-language ZIP-and-LNK lure.