BadHost is one character in an HTTP header that bypasses authentication on FastAPI, vLLM, LiteLLM, and the Python MCP SDK. They all run on Starlette. Starlette has more than 400,000 dependent projects on GitHub. The bug is in Starlette.

It is tracked as CVE-2026-48710, disclosed on May 22. Starlette is the framework that sits underneath FastAPI and handles the basic plumbing of web requests: routing, middleware, everything that happens before your code runs. Through FastAPI it reaches vLLM, LiteLLM, Text Generation Inference, most OpenAI-compatible proxy servers, MCP servers, agent frameworks, and model management dashboards.

A SQL injection vulnerability in Ghost CMS has turned Harvard University, Oxford University, and DuckDuckGo into malware distribution platforms. Visitors arrive at a page they trust completely, a fake Cloudflare verification prompt appears, and their machine gets infected if they follow the instructions. More than 700 sites. Software that had never had an unauthenticated critical vulnerability in its entire history.

Ghost CMS is publishing software built on Node.js, used for newsletters, membership sites, and independent blogs. It is open source and free to self-host, with a paid hosted version called Ghost Pro. More than 100,000 active installations and more than 50,000 GitHub stars.

Shodan Eye: What if I could see EVERYTHING connected to the internet?

That was my question for a long time… And that’s how Shodan Eye was born.

Most people think the internet is what you browse through a browser. Websites, social media, search engines. That part is called the World Wide Web, and it is just a thin layer on top of something much larger. Underneath it, directly connected to the internet, are billions of devices that have never heard of a web page. Routers, cameras, industrial control systems, medical devices, traffic lights, refrigerators, power plants. Even devices you would never suspect. They are all online. Most of them are never meant to be found. Some of them have no password at all. Shodan Eye was built to find them.

The command server is a botnet’s one real weak point. Take it down and the bots go quiet. Operators figured this out early and built their infrastructure to survive exactly that.

This article covers how they do it. How botnets hide their command infrastructure inside Tor and I2P, how they scan for new victims without exposing themselves, and what to look for to detect it. Technical and step by step.

Google tells you the key is gone. It keeps working for 23 more minutes. When you delete a Google API key, a dialog appears that says the following: “Once deleted, it can no longer be used to make API requests.” That is the message. It is printed there by Google, presented as fact at the exact moment you think the risk is gone. It is not true.

Security researcher Joe Leon at Aikido Security spent two days testing what actually happens after a key is deleted. He created keys, deleted them, and kept firing authenticated requests at Google’s servers at three to five per second until no valid response came back. He ran ten separate trials. The shortest window before a deleted key fully stopped working was nearly eight minutes. The median was sixteen minutes. The longest was just under twenty-three minutes. During all of that time, the key was authenticating successfully on Google’s infrastructure. A deleted key. Still working.

GhostTree makes Windows Defender stop scanning. Two lines of code, no admin rights, and malware sitting right next to it goes completely undetected. A Varonis researcher published it today, confirmed it works, and Microsoft’s first response was that this does not count as a security issue. Then they patched it anyway.

Windows lets you create a folder that points to another folder. The operating system follows that pointer as if the destination is real. Most applications and scanners follow junctions transparently unless they explicitly check for reparse points, which most do not. The feature has been built in for decades and has a perfectly legitimate purpose: backward compatibility, keeping old software happy when file locations change. The Windows name for it is an NTFS junction. The part that matters for this attack: any standard user account can create one. No admin rights needed. Write access to a folder is enough, and most users already have that in their own profile and in shared directories.

Chrome keeps saved passwords locked behind one master key. VoidStealer steals that key using a tool Chrome cannot block. It does not need administrator rights, does not touch the browser’s code, and when it is done, saved passwords, open login sessions, and stored payment cards are all readable. The technique had been sitting on GitHub as open-source research for over six months. Nobody had used it in the wild until now.

Reaper swipes macOS passwords and crypto wallets, backdoors the machine, and pretends to be Apple, Microsoft, and Google in the same attack. Apple shipped an update in March to stop exactly this. Reaper already bypasses it.

Reaper belongs to a malware family called SHub Stealer, active since April 2025. SHub grew out of an earlier macOS stealer called MacSync, which itself was built on a foundation called Mac.c, first spotted in April 2025. Within months it turned into a commercial crime service, meaning the people who built the infrastructure rent access to different operators who run their own campaigns with their own targets and lures. Researchers at Malwarebytes, Jamf, Moonlock, and Microsoft’s Defender Security Research team had already documented earlier variants, but this version of Reaper does things none of the earlier builds could: a bypass of Apple’s latest security update, a persistent backdoor that survives reboots, and a method for permanently hijacking installed crypto wallet applications without triggering a single security warning.

A Windows zero-day called MiniPlasma gives any standard user full SYSTEM access on a fully patched machine. Microsoft patched it in December 2020, assigned it CVE-2020-17103, and marked it as fixed. Five and a half years later, the original Google proof-of-concept runs on a machine with all current updates installed without changing a single line of code and opens a SYSTEM shell. Microsoft patched this in 2020. It’s still there.

Google caught a criminal group that used AI to find a zero-day in a popular web admin tool and had a working exploit ready for a mass attack against thousands of systems. Google has never named the tool. The attack never launched. What gave them away was a CVSS severity score inside the code for a vulnerability that has never been officially rated. The AI made up a number that does not exist.