{"uuid": "606259df-6d71-4dcf-a9d3-6dc21fd76808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48710", "type": "seen", "source": "https://t.me/bhhub/1197", "content": "Weekly 7 AI &amp; Cyber signals to act on (Jun 6\u201315, 2026)\n\n#AISecurity@bhhub \n\n\u2728Anthropic Disables Fable 5 and Mythos 5 After US Export-Control Directive Over Jailbreak Concerns\nURL\nUS government ordered Anthropic to cut off all foreign-national access to its most capable models, Claude Fable 5 and Mythos 5, citing a jailbreak that could unlock dangerous cybersecurity capabilities \u2014 Anthropic complied within hours but publicly disputed the scope of the threat, noting the same jailbreak could elicit similar capabilities from competitor models not subject to the order.\n\n\u2728 OWASP \"State of Agentic AI Security and Governance v2.01\" \u2014 Real CVEs Replace Theoretical Threats, Coding Agents Are the Top Risk Driver\nURL\nOWASP's GenAI Security Project released v2.01 of its agentic AI security and governance report, shifting from last year's catalogue of plausible threats to one built on actual CVEs, vendor advisories, and breach reports \u2014 finding that 28 of 53 tracked agentic projects are coding agents, that prompt injection remains the dominant production failure mode, and that \"lethal trifecta\" risk combinations (private data + untrusted content + external communication) are amplified by multi-agent cascading failures.\n\n#AppSec@bhhub \n\n\u2728 Miasma Worm Hits 73 Microsoft GitHub Repos via AI Coding Agent Config Poisoning \u2014 Attack Framework Later Leaked Publicly\nURL\nA self-replicating supply-chain worm pushed malicious AI-coding-agent configuration files \u2014 a poisoned .claude/settings.json SessionStart hook plus equivalents for Cursor, Gemini CLI, and VS Code \u2014 into 73 Microsoft Azure, Azure-Samples, Microsoft, and MicrosoftDocs repositories via a compromised contributor account; opening any of the affected repos in an AI coding tool silently triggered a credential-harvesting payload. GitHub disabled all 73 repos in two automated waves within 105 seconds, but the attack framework itself was leaked publicly five days later via a \"Miasma-Open-Source-Release\" repo.\n\n\u2728 CVE-2026-42271 + CVE-2026-48710 Chain to Unauthenticated RCE in LiteLLM AI Gateway \u2014 Added to CISA KEV\nURL\nHorizon3.ai chained a LiteLLM command-injection flaw (CVE-2026-42271, CVSS 8.7, affecting the open-source AI gateway and Python SDK from BerriAI) with a Starlette \"BadHost\" header-validation bypass (CVE-2026-48710) to achieve full unauthenticated remote code execution against LiteLLM deployments; CISA confirmed active exploitation and added both CVEs to its Known Exploited Vulnerabilities catalog on June 8.\n\n#RedTeam@bhhub \n\n\u2728 MPBench: First Systematic Benchmark of Memory-Poisoning Attacks Against LLM Agents\nURL\nA new benchmark systematically evaluates memory-poisoning attacks against LLM agents that maintain persistent or long-term memory, showing that injected false memories survive across sessions and propagate into downstream task execution at high success rates, while existing memory-sanitization defenses provide only partial mitigation.\n\n\u2728 Hack The Box \"Attack of the Agents\" CTF: Autonomous AI Agent Solves 4/10 Challenges Unprompted Ahead of MCP Server GA\nURL\nHTB's internal CTF event field-testing its new Model Context Protocol (MCP) server integration saw an AI-driven agent independently join the competition and autonomously solve 4 of 10 challenges with no human direction, while a human participant with no prior cybersecurity background scored a perfect 10/10 in 38 minutes \u2014 versus the platform's historical average solve time of 4.3 hours.\n\n#Blue@bhhub \n\n\u2728 BlueVoyant Launches \"BlueVoyant AI\" Agentic SecOps Platform with Autonomous Containment Actions\nURL\nBlueVoyant launched an agentic Security Operations platform that applies ensemble models to cut alert noise and authorizes AI agents to autonomously isolate devices, revoke access tokens, and remove malicious email \u2014 with every agent action logged for audit and rollback \u2014 offered as a fully managed SOC or self-service SaaS, with deep integration across its 2,500+ existing Microsoft-centric customer deployments.", "creation_timestamp": "2026-07-14T12:00:05.464803Z"}