GHSA-6MWX-4547-5VC9 OpenBao: LDAPi ldaputil (wrong escape func)

Description Component sdk/helper/ldaputil/client.go — the shared LDAP utility library used by both the LDAP authentication backend and OpenLDAP secrets engine to construct LDAP search filters and bind DNs. Root Cause The LDAP utility contains a function selection error that causes incorrect...

OpenBao: LDAPi ldaputil (wrong escape func)

Description Component sdk/helper/ldaputil/client.go — the shared LDAP utility library used by both the LDAP authentication backend and OpenLDAP secrets engine to construct LDAP search filters and bind DNs. Root Cause The LDAP utility contains a function selection error that causes incorrect...

GHSA-JR33-MW75-7J8F dbt MCP Server: Unauthenticated OAuth Context Endpoint Leaks dbt Platform Tokens

Unauthenticated OAuth Context Endpoint Leaks dbt Platform Tokens Summary The local OAuth helper FastAPI server bundled with dbt-mcp exposes the GET /dbtplatformcontext endpoint without any form of authentication or host-origin validation. After a user completes the OAuth login flow against dbt...

dbt MCP Server: Unauthenticated OAuth Context Endpoint Leaks dbt Platform Tokens

Unauthenticated OAuth Context Endpoint Leaks dbt Platform Tokens Summary The local OAuth helper FastAPI server bundled with dbt-mcp exposes the GET /dbtplatformcontext endpoint without any form of authentication or host-origin validation. After a user completes the OAuth login flow against dbt...

Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LAN

Summary The Konnected integration registers an HTTP endpoint, KonnectedView homeassistant/components/konnected/init.py, that is marked as not requiring authentication requiresauth = False. A comment next to that line says auth is instead handled "via the access token from configuration." That...

GHSA-X84V-G949-293W Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LAN

Summary The Konnected integration registers an HTTP endpoint, KonnectedView homeassistant/components/konnected/init.py, that is marked as not requiring authentication requiresauth = False. A comment next to that line says auth is instead handled "via the access token from configuration." That...

Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8 , that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry...

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

The Gentlemen ransomware-as-a-service RaaS operation is actively developing and maintaining a suite of endpoint detection and response EDR killers that it hands out to affiliates for impairing system defenses before deploying the encryptor. This mature portfolio of EDR-terminating tools is center...

AlchemyCMS: Unauthenticated nested page API leaks restricted & unpublished content

Unauthenticated nested page API leaks restricted & unpublished content - Location: app/controllers/alchemy/api/pagescontroller.rb:28 Api::PagesControllernested - Affected version: Alchemy CMS 8.3.0.dev Rails 8.1.3 Description The unauthenticated GET /api/pages/nested endpoint returns the full pag...

GHSA-MQQ5-J7W8-2HGH AlchemyCMS: Unauthenticated nested page API leaks restricted & unpublished content

Unauthenticated nested page API leaks restricted & unpublished content - Location: app/controllers/alchemy/api/pagescontroller.rb:28 Api::PagesControllernested - Affected version: Alchemy CMS 8.3.0.dev Rails 8.1.3 Description The unauthenticated GET /api/pages/nested endpoint returns the full pag...

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker's web page, and that page's JavaScript can reach a privileged local service on the same machine and spawn a...

Agentic-Flow: OS Command Injection in agentic-flow MCP server tools via unsanitized tool-parameter interpolation into execSync

Summary agentic-flow versions = 2.0.13 MCP server tools interpolated attacker-influenceable tool parameters e.g. agent, task, name, language, agentdb arguments directly into shell command strings passed to execSync. A malicious value reaching any of the affected MCP tools could break out of the...

GHSA-VCV2-R9JH-99M5 Agentic-Flow: OS Command Injection in agentic-flow MCP server tools via unsanitized tool-parameter interpolation into execSync

Summary agentic-flow versions = 2.0.13 MCP server tools interpolated attacker-influenceable tool parameters e.g. agent, task, name, language, agentdb arguments directly into shell command strings passed to execSync. A malicious value reaching any of the affected MCP tools could break out of the...

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. "With these actions we deprive cybercriminals of access to infected computer...

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the work of...

From Assistive to Agentic: The AI Shift That's Redefining Threat Management

Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in siloes, generating overlapping alerts and data. And yet, breach dwell times remain stubbornly long 43 days,...

Adobe Experience Manager - XML External Entity Injection

Adobe Experience Manager 6.5, 6.4, 6.3 and 6.2 are susceptible to XML external entity injection. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2019-8086 info: name: Adobe...

Anthropic’s Fable and the State of AI

On June 9th, Anthropic released its Fable generative AI model. Three days later, the US government classified it as a dangerous munition, and used its export-control authority to prohibit any foreign nationals from accessing it. Unable to differentiate between Americans and foreigners, the compan...

Forget Data Leakage: Shadow AI's Real Threat Is Access Control

The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with usage policies, domain blocks, and data loss prevention rules. That response made sense at the time. It doesn't fit the problem anymore...

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company on June 11, 2026. To that end, organizations will be unable to connect to Salesforce via the app until further notice...