criticalVulnerabilities & Exploits
CISA Adds FileZen to KEV as Multiple Critical Vulnerabilities Surface
CISA added FileZen CVE-2026-25108 to its KEV catalog following confirmed active exploitation of the command injection vulnerability. Separately, GitHub patched the RoguePilot flaw that allowed attackers to steal tokens via malicious Copilot instructions, while Microsoft identified a developer-targeting campaign using poisoned Next.js repositories.
The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates
filezencisa-kevgithub-copilot