Daily Signal - page 18 | 0day.digest

Tuesday, April 28, 2026

Critical GitHub RCE CVE-2026-3854 Exposed Millions of Repositories

rce · cve · vulnerability · github

LiteLLM CVE-2026-42208 SQL Injection Exploited Within 36 Hours of Disclosure

sqli · llm · vulnerability · cve

LiteLLM CVE-2026-42208 SQL Injection Under Active Exploit Within 36 Hours

sqli · cve · vulnerability · llm

Monday, April 27, 2026

Microsoft Patches Entra ID AI Agent Role That Enabled Service Principal Takeover

privilege-escalation · iam · microsoft · vulnerability

Medtronic Breach Confirmed: ShinyHunters Claims 9 Million Records Stolen

Microsoft VibeVoice: MIT-Licensed Speech-to-Text Model with Built-In Speaker Diarization

model-release · microsoft

PyPI Package 'elementary-data' with 1.1M Monthly Downloads Backdoored to Steal Credentials

supply-chain · pypi · malware

ADT Data Breach Confirmed at 5.5 Million Records; ShinyHunters Identified as Attacker

data-breach · ransomware