Cyber Security News

Hacking Editorial Brief — June 10, 2026

CISA Adds LiteLLM Command Injection and SharePoint Zero-Day to Active Exploitation List

CISA added two vulnerabilities to its Known Exploited Vulnerabilities catalog following confirmed active exploitation. CVE-2026-42271, a high-severity command injection flaw in LiteLLM, enables attackers to chain the vulnerability for unauthenticated remote code execution. Separately, CVE-2026-32201, a Microsoft SharePoint Server spoofing vulnerability patched in April, was exploited prior to patch availability, allowing attackers to spoof trusted content and access sensitive information. Both additions indicate that threat actors are actively targeting enterprise infrastructure, with the LiteLLM vulnerability particularly concerning for organizations deploying AI model management tools.

Meta AI Tool Flaw Compromised Over 20,000 Instagram Accounts; GitHub Disables Microsoft Repositories

Meta disclosed that a logic flaw in its AI-powered High Touch Support tool failed to properly verify email addresses during password resets, enabling attackers to hijack 20,225 Instagram accounts between April and May 2026. The vulnerability exposed unredacted contact information including email addresses and phone numbers during the reset process, with Mark Zuckerberg's account among those affected before an emergency hotfix was deployed. In separate infrastructure security news, GitHub automatically disabled 73 Microsoft repositories within 105 seconds after detecting malicious commits from the Miasma worm, which targets AI coding tools. The rapid automated response demonstrates platform-level defenses against supply chain attacks, though the incident highlights ongoing threats to AI-assisted development environments.

Sources: The Hacker News · The Hacker News · Infosecurity Magazine · Cyberpress · The Register