Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
Cryptopolitan on MSN

Cordyceps flaws let anyone with a free GitHub account hijack CI/CD pipelines at Microsoft, Google, and Apache

Security firm Novee has revealed Cordyceps as a class of exploitable CI/CD vulnerabilities across open-source repositories ...

Edge users beware — this malicious extension can break out of the sandbox and install ransomware

Researchers from Zscaler found a new malware campaign dubbed Edgecution.
Manila Bulletin

Microsoft warns of USB malware that drains crypto wallets

Cybersecurity researchers at Microsoft have uncovered a sophisticated piece of malware that spreads through USB drives, intercepts cryptocurrency wallet ...
GitHub

CVE-2026-48908 — SP Page Builder Unauthenticated RCE

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
GitHub

Mr-xn/Penetration_Testing_POC

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell ...