Attackers probe Kemp RCE, Chrome sandbox falls to one bug
A pre‑authentication remote code execution flaw (CVE‑2026‑8037) in Progress Kemp LoadMaster lets unauthenticated attackers run arbitrary root commands via an uninitialized‑memory bug in the dodelapikey API. eSentire’s Threat Response Unit says exploitation attempts are already underway, forcing admins to patch immediately.
Tenet Threat Labs proved that a single forged Sentry bug report can make AI coding assistants, Claude Code, Cursor, Codex, execute attacker‑controlled code, spilling AWS keys, GitHub tokens and other secrets. The exploit works across hundreds of firms, including a Fortune 100, because agents trust telemetry as native system output, bypassing EDR and firewalls. Developers must treat external logs as untrusted and apply the newly released hardening configs.
A type‑confusion bug in V8’s TurboFan JIT compiler gives attackers arbitrary read/write inside the V8 heap sandbox and an automatic escape to the renderer process. The flaw spans Chrome 106 and survives four years of patches, turning a single exploit into full‑system code execution.
Attackers are registering domains that large language models hallucinate for legitimate brands, then using those phantom sites to hijack AI‑generated code and traffic. Unit 42 found over 250,000 such unregistered domains and documented real‑world abuse, proving this new vector can compromise supply chains before defenders see it.
Kaspersky uncovered Umbrij, a custom tool the ToddyCat APT uses to hijack Gmail accounts via OAuth token theft. By attaching to a Chromium browser’s remote‑debug port, the malware silently grabs a “shadow token” and gains persistent API access to email and other Google services. Detect it via unusual scheduled tasks, DLL sideloading, and Kaspersky’s heuristic verdicts.
Check Point Research turned an LLM hallucination about a nonexistent 'browser-only ransomware' into a working proof‑of‑concept that encrypts files wholly inside the browser using JavaScript and the File System Access API. The attack requires no downloaded executable, sidestepping traditional endpoint defenses and expanding the threat surface for browsers that grant file‑system permissions.
The DOJ unsealed a complaint charging 19‑year‑old Peter Stokes, a dual US‑Estonia citizen, with conspiracy, computer intrusion and fraud for his role in Scattered Spider. He was arrested in Finland and extradited to Chicago, highlighting the U.S. reach against transnational teen‑run ransomware groups that have caused over $100 million in losses.
Microsoft announced it will shift its Quantum Safe Program to have critical products and services using post‑quantum cryptography by 2029. The move responds to faster‑than‑expected quantum advances and government guidance, pushing organizations to start crypto‑agility work now to avoid future cost and risk spikes.
Microsoft details an MCP tool‑poisoning attack that lets adversaries hijack Copilot‑style agents to silently hand over corporate data, then offers a playbook using built‑in Microsoft controls to detect and block the abuse. As AI agents shift from reading to acting, the threat surface expands dramatically, making tool metadata a critical new attack vector.
Subscribe free