  • ShadowPrompt: How Any Website Could Have Hijacked Claude’s Chrome Extension

    Author: Oren Yomtov
    Published: March 26, 2026
    Source: https://www.koi.ai/blog/shadowprompt-how-any-website-could-have-hijacked-anthropic-claude-chrome-extension
    Summary: Koi Security researcher Oren Yomtov disclosed “ShadowPrompt,” a vulnerability chain in Anthropic’s Claude Chrome extension (reported as having 3+ million users) that let any website silently inject prompts into the AI assistant with no user interaction. By combining an overly permissive origin allowlist in the…


  • When AI Agents Go Rogue: Agent Session Smuggling Attack in A2A Systems

    Author: Jay Chen, Royce Lu
    Published: October 31, 2025
    Source: https://unit42.paloaltonetworks.com/agent-session-smuggling-in-agent2agent-systems/
    Summary: Palo Alto Networks’ Unit 42 details “agent session smuggling,” an attack technique against multi-agent systems that communicate over the Agent2Agent (A2A) protocol. A malicious or compromised remote agent abuses the stateful, multi-turn nature of an active A2A session to covertly inject extra instructions…


  • A Fake Bug Report Hijacks Your AI Coding Agent – and Nothing Catches It.

    Author: Ron Bobrov, Barak Sternberg, Nevo Poran
    Published: June 9, 2026
    Source: https://tenetsecurity.ai/blog/agentjacking-coding-agents-with-fake-sentry-errors/
    Summary: Researchers at Tenet Security describe “Agentjacking,” an indirect prompt-injection attack class in which a malicious error event is planted in a victim’s Sentry error-tracking project and later read by an AI coding agent. Because the agent cannot distinguish data it retrieves…


  • ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit

    Author: Mandiant / Google Threat Intelligence Group (GTIG)
    Published: June 11, 2026
    Source: https://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit
    Summary: Mandiant and the Google Threat Intelligence Group report a zero-day exploitation and extortion campaign by ShinyHunters (tracked as UNC6240) against Oracle PeopleSoft environments, running from May 27 to June 9, 2026. The actor exploited CVE-2026-35273, a critical (CVSS 9.8) unauthenticated…


  • Critical Windows Netlogon RCE flaw now exploited in attacks

    Author: Sergiu Gatlan
    Published: June 1, 2026
    Source: https://www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/
    Summary: BleepingComputer reports that CVE-2026-41089, a critical remote code execution vulnerability in the Windows Netlogon RPC interface, is now being exploited in attacks according to Belgium’s Centre for Cybersecurity (CCB). Rated CVSS 9.8, the flaw affects Windows servers acting as domain controllers and can be triggered…


  • Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)

    Author: Rapid7
    Published: May 29, 2026 (last updated June 3, 2026)
    Source: https://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257/
    Summary: Rapid7 reports active in-the-wild exploitation of CVE-2026-0257, an authentication bypass in the Palo Alto Networks PAN-OS GlobalProtect portal/gateway. The flaw stems from improper certificate handling in the authentication override feature: when the certificate used to encrypt authentication-override cookies is reused for…


  • Thalium

    Company: Thalium
    Website: https://blog.thalium.re/
    Overview: Thalium is a cybersecurity research team that is part of the Thales group. Based in Rennes, France, the team focuses on threat intelligence, vulnerability research, and red team tool development, and publishes technical security research on its blog.
    Products & Services: As presented on its site, Thalium’s public work centres…


  • Rooting Xiaomi WiFi Routers

    Author: Julien R. (SoEasY) and Marin Duroyon
    Published: September 25, 2023
    Source: https://blog.thalium.re/posts/rooting-xiaomi-wifi-routers/
    Summary: Researchers at Thalium documented a chain of remote code execution vulnerabilities affecting Xiaomi Wi-Fi routers built on a shared, OpenWrt-derived codebase, with the MI AIoT Router AC2350 as their primary target. The work spans three attack surfaces — LAN post-authentication, LAN…


  • Enable SSH on XiaoMI Router(AX3000T) new Version R1.0.97

    Author: yuspring
    Published: Gist last active May 6, 2026
    Source: https://gist.github.com/yuspring/37aa22bb18cb9c2a773252fb19f6b794
    Summary: This GitHub Gist documents a technique for enabling root SSH access on the Xiaomi AX3000T Wi-Fi router running stock firmware version R1.0.97 (and later builds after 1.0.90). Earlier community methods relied on the xqsystem/start_binding flaw, which Xiaomi patched; the author shows that the…


  • Breaking Out of Restricted Mode: XSS to RCE in Visual Studio Code

    Author: Devesh Logendran (STAR Labs SG)
    Published: May 14, 2025
    Source: https://starlabs.sg/blog/2025/05-breaking-out-of-restricted-mode-xss-to-rce-in-visual-studio-code/
    Summary: STAR Labs detailed a cross-site scripting flaw in Visual Studio Code’s Jupyter notebook error rendering that can be chained into full remote code execution. A crafted .ipynb file triggers unsanitized HTML in the “minimal error” renderer, executing JavaScript inside a VS Code…