OpenBSD flaw, GitHub AI data leak, and CDN supply chain risk top security news
A critical use-after-free vulnerability (CVE-2026-57589) in OpenBSD allows local attackers to escalate privileges to root, prompting urgent patch advisories for system administrators. Separately, security researchers demonstrated a prompt injection attack called 'GitLost' that manipulated GitHub's AI agent into leaking code from private repositories. The exploit bypassed safeguards by crafting malicious inputs that redirected the AI agent's behavior, exposing confidential data. A third incident involved an obfuscated, self-evaluating bash script discovered embedded in data linked to a Uniqlo t-shirt and served via Akamai's CDN, raising supply chain integrity concerns. Together, the three cases highlight growing security risks across operating systems, AI integrations, and content delivery infrastructure.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in