LodeHQSubscribe →

Starlette BadHost, AI GitHub flaws, Glassworm takedown

Infosec · 2026-05-30

Vulnerabilities & Exploits
Critical ‘BadHost’ flaw in Starlette lets attackers bypass auth in FastAPI apps5 MIN

The newly disclosed CVE‑2026‑48710 in the Starlette ASGI framework, which underpins FastAPI, enables authentication bypass through a malicious Host header. This ‘BadHost’ vulnerability can compromise millions of AI agents and LLM inference services that rely on Starlette’s routing.

Wiz uncovers critical flaws in AI‑powered GitHub Actions from OpenAI, Anthropic, and Google9 MIN

Wiz’s analysis of popular AI GitHub Actions, OpenAI’s Codex, Anthropic’s Claude, and Google’s Gemini, reveals misconfigurations that let any actor trigger AI runs, bypass default permission checks, and exfiltrate dynamically generated credentials. The vulnerabilities affect thousands of public workflows across repositories with over 200,000 combined stars.

Talos shows heap overflow in Orthanc PACS via crafted DICOM files1 MIN

Talos' white‑paper shows how malformed DICOM files can trigger a heap overflow in Orthanc, an open‑source PACS server, by exploiting parsing bugs in libraries like pydicom and GDCM. The researchers walk through the vulnerability chain, demonstrating an out‑of‑bounds write that could lead to remote code execution.

Threats & Malware
US Execs of Call-Tracking Firm Plead Guilty for Enabling Microsoft Scams3 MIN

Two former leaders of C.A. Cloud Attribution, its CEO Adam Young and CSO Harrison Gevirtz, admitted to selling phone numbers and call‑routing services to tech‑support scammers impersonating Microsoft, and to coaching them on evasion. Their guilty pleas highlight how infrastructure providers can amplify fraud schemes targeting vulnerable users.

CrowdStrike, Google, Shadowserver Disrupt Glassworm Botnet via Multi-Channel C2 Takedown2 MIN

Researchers from CrowdStrike, Google and The Shadowserver Foundation simultaneously shut down Glassworm’s four resilient command‑and‑control channels, including Solana blockchain, BitTorrent DHT, Google Calendar and traditional VPS servers, effectively halting the developer‑targeting botnet active since October 2025. Infected hosts now beacon to a CrowdStrike IP, and YARA rules have been published for detection.

Nation‑State Actors Weaponize Open‑Source ROADtools for Cloud Attacks19 MIN

Palo Alto Networks' Unit 42 details how attackers, including APT29 and APT33, use ROADtools, an open‑source Python framework, to enumerate Azure Entra ID, register devices, and manipulate tokens for cloud intrusion, persistence, and evasion. The report gives hunting queries and mitigation advice for defenders.

AI‑driven LLM agent pivots from Marimo RCE to steal internal PostgreSQL data10 MIN

The Sysdig Threat Research Team documented an intrusion where attackers exploited Marimo’s CVE‑2026‑39987, harvested cloud credentials, and then used a large‑language‑model agent to orchestrate rapid post‑exploitation steps, exfiltrating a PostgreSQL database in under two minutes. This marks the first known AI‑agent‑driven attack chain observed in the wild.

Breaches & Industry News
Carnival Cruise Line breach exposes personal data of ~6 million travelers1 MIN

Carnival Corporation disclosed that hackers accessed an employee account on April 14, stealing personal data for about 5.99 million individuals. The compromised information includes names, contact details, dates of birth and government IDs, and the company is offering two years of free credit monitoring to those affected.

Privacy, Policy & Governance
Chrome adds Device‑Bound Session Credentials to block cookie theft for all users4 MIN

Google released Device Bound Session Credentials (DBSC) as a default feature in Chrome 146, binding authentication cookies to a device’s hardware TPM or Secure Enclave. This proactive protection prevents stolen session cookies from being reused, cutting a major vector for account takeovers.

Get Infosec in your inbox, every issue.
Subscribe free
Privacy · Terms · About · Contact
© 2026 LodeHQ