Cloud
-
LiteLLM flaw exploited within 36 hours of public disclosure
LiteLLM’s CVE-2026-42208 SQL injection was exploited within 36 hours of disclosure, with attackers targeting database tables that store provider keys and runtime settings. The flaw affects versions 1.81.16 through 1.83.6.
-
Vimeo says customer data exposed after Anodot breach
Vimeo said some customer and user data was accessed without authorization after the Anodot breach, including email addresses for some customers, technical data, video titles and metadata. The company said video content and payment data were not exposed.
-
Microsoft fixes Entra ID role flaw that could let users take over service principals
Microsoft fixed an Entra ID role flaw that could let users with the Agent ID Administrator role take over non-agent service principals, add credentials and potentially escalate privileges, according to a Silverfort technical analysis.
-
LMDeploy flaw exploited within 13 hours of disclosure, researchers say
LMDeploy flaw CVE-2026-33626 was exploited within 13 hours of disclosure, researchers said. The SSRF issue could expose cloud credentials and internal services, and early attacks probed metadata, databases and loopback targets.
-
UNC6692 Uses Microsoft Teams Help Desk Impersonation to Push Custom Malware
UNC6692 used Microsoft Teams help desk impersonation, email bombing and a custom malware chain to target corporate users, according to Mandiant. The activity included credential harvesting, remote access, tunneling and later-stage network movement.
-
Vercel Finds More Customer Accounts Compromised After Security Incident
Vercel said it found additional customer accounts compromised in a security incident that exposed its internal systems, but did not say how many were affected. The company linked the breach to a compromised Context.ai account used by a Vercel employee.
-
EU awards sovereign cloud tender worth up to 180 million euros
The European Commission awarded a cloud services tender worth up to €180 million over six years to four Europe-based provider groups, part of a wider effort to build sovereign cloud capacity for EU institutions and agencies.
-
Vercel says breach linked to third-party AI tool exposed limited customer credentials
Vercel said a breach tied to a third-party AI tool exposed access to some internal systems and affected a limited subset of customers. The company said sensitive environment variables were not known to be accessed and urged credential rotation.
-
Critical Marimo flaw exploited within 10 hours of disclosure
A critical Marimo Python notebook flaw was exploited less than 10 hours after disclosure, with attackers gaining shell access and stealing credentials from a vulnerable instance in under three minutes, according to a technical analysis from Sysdig.
-
Cisco Talos warns attackers are abusing GitHub and Jira notifications for phishing
Cisco Talos says attackers are abusing GitHub and Jira notification systems to send phishing emails that pass standard authentication checks and may look trusted to corporate users.
