https://pulse.adyog.com/insights/semantic-router-pth-file-persistence-ai-dependency-credential-theft adyog WebPulse en 2026-06-27 A Python .pth File Ran Before Import. AI Routing Library semantic-router Shipped Compromised Credentials Harvester. https://pulse.adyog.com/insights/pnpm-8-cves-supply-chain-lockfile-exploit-path-traversal adyog WebPulse en 2026-06-27 pnpm Discloses 8 CVEs in One Day. Your Lockfile Is the Exploit. https://pulse.adyog.com/insights/gpt-5-6-sol-government-gated-ai-export-controls-security adyog WebPulse en 2026-06-27 GPT-5.6 Sol Requires U.S. Government Approval to Access. AI Just Became Export-Controlled Infrastructure. https://pulse.adyog.com/insights/fluentd-rce-tag-injection-cve-2026-44024-cvss-9-8-observability adyog WebPulse en 2026-06-27 Fluentd RCE via Tag Injection (CVE-2026-44024, CVSS 9.8): The Observability Stack Just Became the Attack Surface https://pulse.adyog.com/insights/cursor-ai-sandbox-escape-cvss-9-8-arbitrary-file-write adyog WebPulse en 2026-06-27 Cursor AI Editor: Two CVSS 9.8 Sandbox Escapes Let a Malicious Agent Write Anywhere on Disk https://pulse.adyog.com/insights/nextjs-163-instant-navigations-agent-skills adyog WebPulse en 2026-06-26 Next.js 16.3 Ships Agent Skills Alongside Instant Navigations https://pulse.adyog.com/insights/n8n-flowise-17-cves-mcp-endpoints-ai-infrastructure-attack-surface adyog WebPulse en 2026-06-26 17 Critical Vulnerabilities Hit n8n and Flowise. MCP Endpoints Are the Weakest Link in AI Infrastructure. https://pulse.adyog.com/insights/mastra-npm-supply-chain-north-korea-sapphire-sleet-ai-framework adyog WebPulse en 2026-06-26 North Korea Hijacked an AI Agent Framework With 8M Weekly Downloads. It Took 88 Minutes. https://pulse.adyog.com/insights/klue-breach-oauth-cascade-hackerone-snyk-recorded-future adyog WebPulse en 2026-06-26 The Cybersecurity Industry Got Breached Through a Sales Tool. OAuth Tokens Are the New Skeleton Keys. https://pulse.adyog.com/insights/jwt-algorithm-confusion-flask-netflix-lemur adyog WebPulse en 2026-06-26 Netflix's Lemur Shows Why JWT Algorithm Pinning Is Non-Negotiable https://pulse.adyog.com/insights/i18next-prototype-pollution-translation-layer-npm-supply-chain adyog WebPulse en 2026-06-26 i18next Prototype Pollution: The Translation Layer Nobody Thought to Secure. https://pulse.adyog.com/insights/gravity-smtp-wordpress-api-keys-leaked-17m-attacks adyog WebPulse en 2026-06-26 A Permission Callback That Returns True. 100,000 WordPress Sites Leaked Live API Keys. 17 Million Attacks Followed. https://pulse.adyog.com/insights/gpt-55-cyber-ai-vulnerability-hunting-patch-the-planet adyog WebPulse en 2026-06-26 GPT-5.5-Cyber Scores 85.6% on Vulnerability Detection. Your Framework Just Got a New Dimension: AI-Defensibility. https://pulse.adyog.com/insights/go-crypto-ssh-10-cves-cvss-10-infrastructure-crisis adyog WebPulse en 2026-06-26 Go's SSH Library Just Dropped 10 CVEs in One Day. One Is a Perfect 10.0. https://pulse.adyog.com/insights/framework-velocity-june-2026-vue-angular-fastapi adyog WebPulse en 2026-06-26 Release Velocity This Week: Vue, Angular, and FastAPI All Ship https://pulse.adyog.com/insights/fortibleed-86000-devices-110m-credentials-perimeter-is-dead adyog WebPulse en 2026-06-26 FortiBleed: 86,000 Firewalls Compromised, 110 Million Credentials Harvested. Your Perimeter Just Became the Attack. https://pulse.adyog.com/insights/difytap-dify-ai-platform-cross-tenant-data-exposure-cvss-9-4 adyog WebPulse en 2026-06-26 DifyTap: The AI Platform Powering 1 Million Apps Was Leaking Private Chats Between Tenants. CVSS 9.4. https://pulse.adyog.com/insights/cordyceps-cicd-300-repos-microsoft-google-supply-chain-hijack adyog WebPulse en 2026-06-26 Cordyceps: 300+ GitHub Repos at Microsoft, Google, Cloudflare Exploitable via CI/CD Flaws. Your Framework Is Only as Secure as Its Build Pipeline. https://pulse.adyog.com/insights/cisco-sd-wan-seventh-zero-day-2026-cisa-kev-siege adyog WebPulse en 2026-06-26 Cisco SD-WAN Logs Its Seventh Zero-Day of 2026. CISA Deadlines Are Piling Up. https://pulse.adyog.com/insights/autojack-one-web-page-hijacks-microsoft-autogen-ai-agent adyog WebPulse en 2026-06-26 AutoJack: An AI Agent Visited a Web Page. That Web Page Took Over the Machine. https://pulse.adyog.com/insights/akamai-api-security-87-percent-breached-visibility-collapsing adyog WebPulse en 2026-06-26 87% of Organisations Suffered an API Security Incident. The Worse Number Is the One That Went Down. https://pulse.adyog.com/insights/wordpress-epss-098-highest-exploit-probability-any-framework adyog WebPulse en 2026-06-25 WordPress Has a 98% Exploit Probability Score. No Other Framework Comes Close. https://pulse.adyog.com/insights/ubiquiti-unifi-triple-zero-day-cisa-kev-ransomware-edge adyog WebPulse en 2026-06-25 Three CVSS 9.5 Vulnerabilities in Ubiquiti UniFi. CISA Says Patch by Tomorrow. Ransomware Operators Are Already Inside. https://pulse.adyog.com/insights/trapdoor-supply-chain-poisons-cursor-claude-code-ai-assistants adyog WebPulse en 2026-06-25 TrapDoor Plants Instructions Inside Your AI Coding Assistant. It Follows Them. https://pulse.adyog.com/insights/thirty-critical-cves-zero-percent-patched-at-disclosure adyog WebPulse en 2026-06-25 30 Critical CVEs Disclosed in 24 Hours. Zero Patches Available. The Gap Is Getting Worse. https://pulse.adyog.com/insights/supply-chain-attacks-outrunning-cve-system-shai-hulud-miasma-hades adyog WebPulse en 2026-06-25 100+ npm and PyPI Packages Compromised. Zero CVEs Filed. The Supply Chain Is Outrunning the Vulnerability System. https://pulse.adyog.com/insights/squidbleed-29-year-old-proxy-bug-ai-discovered adyog WebPulse en 2026-06-25 Squidbleed: A 29-Year-Old Bug That AI Found and Humans Missed. The Audit Landscape Just Changed. https://pulse.adyog.com/insights/shapedplugin-wordpress-supply-chain-400k-sites-backdoored adyog WebPulse en 2026-06-25 ShapedPlugin Backdoor: 400K WordPress Sites Exposed Through a Compromised Build Pipeline. https://pulse.adyog.com/insights/gemini-cli-cvss-10-google-own-ai-tool-cicd-rce adyog WebPulse en 2026-06-25 Gemini CLI Scored CVSS 10.0. A GitHub Issue Could Execute Arbitrary Commands on Your Build Server.