Angriff auf GitHub.dev stiehlt das OAuth-Token für alle Repos (2026-06-05 11:58 UTC)
Kurz: Eine Lücke auf Github.dev – VS Code im Browser – ermöglichte es Angreifern, alle Repos eines Anwenders zu verseuchen, um verschiedene Angriffe zu starten.
Suspicious Polyfill login prompts pop up on Toshiba, Muji websites (2026-06-05 21:54 UTC)
Kurz: Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials. […]
Chinese APT deploys new malware to keep access to hacked networks (2026-06-05 18:09 UTC)
Kurz: A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. […]
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs (2026-06-06 07:28 UTC)
Kurz: Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside almost everything that touches video, all of them found by an autonomous AI agent. …
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack (2026-06-06 06:58 UTC)
Kurz: Microsoft’s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Az…
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available (2026-06-06 04:19 UTC)
Kurz: Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the fol…