OAuth 2.0 Flow 및 Prompt Injection 기반의 계정 탈취 공격 분석
Security news weekly round-up - 19th June 2026
Security news weekly round-up - 19th June 2026
Pink is the latest goon squad to use fake helpdesk calls to steal creds
GitHub Internal Repositories Breached: Source Code and Internal Data Allegedly Exfiltrated in 2026 Supply Chain Attack
GitHub confirmed a breach last week that exposed around 3,800 internal repositories. The cause wasn't a zero-day. It was a VS Code extension.
Even Claude agrees: hole in its sandbox was real and dangerous
Investigating unauthorized access to GitHub’s internal repositories
GitHub says internal repos exfiltrated after poisoned VS Code extension attack
Cookie thieves caught stealing dev secrets via fake Claude Code installers
Incident CVE-2024-Yikes
Mercor's 4TB Voice Heist: I Ran the Same Attack on My Own AI Data Stack
Bitwarden CLI Compromised: What Developers Need to Know About the Ongoing Checkmarx Supply Chain Attack
Dev targeted by sophisticated job scam: 'I let my guard down, and ran the freaking code'
Another npm supply chain worm is tearing through dev environments
ShinyHunters Claims Responsibility for Rockstar Games Breach with Deadline-Driven Demand
aIR-Jumper: exfiltran datos de redes air-gap vía cámaras IR
We May Be Living Through the Most Consequential Hundred Days in Cyber History
The China Supercomputer Breach: How 10 Petabytes of Data "Walked Out" of a Tier-1 Facility