Security news.
Today's security brief highlights critical unpatched vulnerabilities in AI coding tools and browser extensions, alongside significant patches from SAP and warnings about state-sponsored cyberattacks. Phishing campaigns targeting Microsoft 365 accounts with MFA bypass techniques also remain a major threat.
Unpatched Claude for Chrome Flaw Exposes Gmail, Calendar
A persistent "ClaudeBleed"-linked vulnerability in the Claude for Chrome extension reportedly allows other extensions to access sensitive user data, despite eight previous patches.
Cursor IDE Auto-Executes Malicious Code in Poisoned Repos
The Cursor AI coding platform remains vulnerable to attacks where it auto-executes malicious code from poisoned repositories, a flaw reported in December 2025 that still persists.
New Phishing Kits Target Microsoft 365, Bypass MFA
Two new phishing kits, Jalisco and OmegaLord, are actively used in attacks against Microsoft 365 accounts, employing techniques to bypass multi-factor authentication.
SAP Patches Critical Vulnerabilities in NetWeaver, Commerce Cloud
SAP released its July 2026 security updates, addressing 16 vulnerabilities, including three critical flaws in NetWeaver, Commerce Cloud, and AppRouter that could allow data access, modification, and system unavailability.
US, Allies Warn of Russian Cyberattacks on Critical Infrastructure Routers
Multiple state-sponsored APTs from Russia are reportedly compromising poorly secured devices across critical infrastructure sector networks, according to a joint warning from the US and its allies.
Multiple Jscrambler Packages Hit by Supply Chain Attack
A supply chain attack has poisoned several Jscrambler NPM package versions, injecting a cross-platform credential stealer, with malicious versions downloaded almost 1,500 times.
Grok Build Uploaded Entire Git Repositories to xAI Storage
xAI's Grok Build coding CLI, specifically version 0.2.93, was found to be uploading entire Git repositories, including full commit history, to an xAI-operated Google Cloud Storage bucket, instead of just required files.
Microsoft Entra ID to Default to Passkeys Authentication in September
Microsoft announced that passkeys will become the default authentication method for its enterprise identity service, Entra ID, beginning in September 2026, enhancing security for corporate accounts.