Morning Overview on MSN

GitHub just confirmed hackers broke into its own code through a poisoned coding tool — slipping in on a developer’s laptop without anyone noticing for days

Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee installed it. For several days, that extension ran quietly on the developer’s ...
SecurityWeek

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation

Claude Mythos Preview autonomously built 16 working exploits targeting Firefox and Windows vulnerabilities within hours.
The Hacker News

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...

DxSale drained for $7.3M in BNB Chain liquidity exploit

DxSale was hit by a $7.3 million exploit that affected at least 1,400 liquidity providers on the BNB chain, adding to the mounting concerns around the DeFi industry’s cybersecurity.
Hosted on MSN

Active exploits target major server platforms amid urgent patch calls

Critical flaws emerge: Severe vulnerabilities in Apache HTTP/2, SharePoint, cPanel, and iOS are confirmed, some with working exploits and active attacks. Patching urgency: Authorities urge immediate ...