eastbaycyber

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Threat digests 11 min read
EC
East Bay Cyber Editorial Team Reviewed 2026-06-03
Week of 3 JUN 2026

TL;DR - Sitefinity, OpenMed, Spacelabs, and WordPress admins have fresh high-severity patching work. - VS Code token theft and Minecraft malware campaigns raise user-driven compromise risk. - Prioritize internet-exposed apps, credential hygiene, and plugin reviews today.

Top Stories

VS Code zero-day can steal GitHub tokens with one click

A newly reported Visual Studio Code zero-day can let attackers steal GitHub authentication tokens if a target is tricked into clicking a malicious link, according to BleepingComputer (source). For development teams, this is a supply-chain and source-code risk, not just an endpoint issue.

Why it matters - GitHub tokens often grant access to private repositories, CI/CD workflows, packages, and secrets. - Developer workstations remain high-value targets because one stolen token can pivot into build systems and production infrastructure. - Public exploit discussion increases the chance of copycat abuse.

What to do now - Require short-lived tokens where possible. - Review GitHub token scopes and revoke unnecessary classic PATs. - Rotate tokens for users who opened untrusted VS Code links or extensions. - Audit recent GitHub activity for unusual OAuth grants, PAT creation, repository cloning, or workflow edits. - Restrict extension installation and external link handling on managed developer endpoints.

Google adds Android defenses against AI deepfake scam calls

Google is rolling out an Android feature designed to detect and flag scam calls where AI is used to impersonate personal contacts, per BleepingComputer (source).

Why it matters - Voice phishing is becoming more convincing as attackers use AI-generated voices. - SMBs are especially exposed when finance, HR, and executives trust caller identity based on voice alone. - Mobile protections help, but they do not replace process controls.

What to do now - Train staff to verify urgent payment, gift card, payroll, or credential requests through a second channel. - Update call-back verification procedures for finance and help desk teams. - Enable mobile threat and anti-spam features on managed Android fleets where available. - Treat “familiar voice” as insufficient proof of identity.

Law enforcement disrupts nine illegal streaming crime groups

European and international law enforcement agencies reportedly dismantled nine organized crime groups and arrested 29 suspects in a crackdown on illegal streaming services, according to BleepingComputer (source).

Why it matters - Illegal streaming ecosystems frequently overlap with fraud, credential theft, and malware distribution. - Takedowns cause infrastructure churn, which can displace operators into adjacent criminal services and new domains. - Organizations should expect phishing, fake “service migration,” and payment-themed scams following disruption events.

What to do now - Block newly observed domains tied to streaming fraud and ad-tech abuse. - Remind users not to reuse corporate passwords on entertainment or piracy sites. - Monitor for credential stuffing spikes against SSO and VPN portals.

Reporting from BleepingComputer says the WeedHack malware campaign has infected more than 116,000 Minecraft systems since January (source). A related industry roundup also highlighted CountLoader activity and miners spread through pirated content (source).

Why it matters - Gamer-focused malware often leaks into enterprise environments through BYOD systems, reused credentials, and developer or creator endpoints. - “Mods,” cheats, launchers, and pirated installers remain effective malware lures.

What to do now - Enforce application allow-listing where practical. - Hunt for commodity loader behavior on endpoints used by students, creators, or contractors. - Reset passwords if personal compromise may overlap with corporate accounts.

CISA warns on automatic tank gauge system security

CISA issued guidance urging stronger security for Automatic Tank Gauge (ATG) systems (source). This is especially relevant to fuel retailers, logistics operators, and any business with operational technology tied to physical inventory.

Why it matters - Weakly secured ATG systems can create operational disruption, safety risk, and downstream billing or supply issues. - Many of these deployments still rely on flat networks, legacy credentials, or internet exposure.

What to do now - Inventory ATG devices and management paths. - Verify remote access controls, MFA, segmentation, and vendor support status. - Remove direct internet exposure and document break-glass access procedures.

Critical Vulnerabilities

CVE-2026-7312 and CVE-2026-7198 in Progress Sitefinity

Progress published a security advisory for multiple Sitefinity vulnerabilities including: - CVE-2026-7312: exposed plain-text credentials used to connect to Sitefinity Insight under certain non-default conditions, CVSS 10.0 - CVE-2026-7198: improper access control that can allow unauthenticated access to restricted content, CVSS 9.8

Official advisory: Progress Sitefinity advisory

Affected versions Per the vendor advisory, CVE-2026-7312 affects multiple Sitefinity release trains from 14.x through 15.4.8630 boundaries described by Progress, while CVE-2026-7198 impacts Sitefinity 15.4.8623 before 15.4.8630.

Why defenders should care - Sitefinity is frequently internet-facing and often integrated with customer data and marketing systems. - Credential exposure plus access control flaws can compound impact. - Even when exploitation requirements are “non-default,” real-world deployments often drift from defaults.

Immediate actions 1. Identify all Sitefinity instances and versions. 2. Upgrade to vendor-fixed builds cited in the advisory. 3. Review whether Sitefinity Insight integration is enabled. 4. Rotate any credentials used for Sitefinity Insight or adjacent service accounts. 5. Review web logs for unexpected unauthenticated access to restricted content.

CVE-2026-47117 in OpenMed

OpenMed fixed a remote code execution issue in versions before 1.5.2. The bug is tied to model loading in the privacy-filter path where user input could steer execution into Hugging Face model loading with trust_remote_code=True, enabling malicious code execution through crafted model repositories. References include the fix commit and release notes (commit, release, advisory summary).

Why defenders should care - This is a textbook example of AI/ML feature exposure expanding the attack surface. - Any service that can fetch and execute remote model-associated code is highly sensitive. - Healthcare and research teams may deploy these tools quickly without hardening.

Immediate actions - Upgrade to OpenMed 1.5.2 or later. - Audit for any use of remote models and disable unsafe dynamic code execution patterns. - Review outbound connections from the service to model repositories. - Inspect for anomalous process execution, file writes, or persistence created by the service account.

CVE-2026-0611 in Spacelabs Healthcare Sentinel

Spacelabs disclosed an unauthenticated remote code execution vulnerability affecting Sentinel 10.5.x and higher and 11.x.x before 11.6.0, tied to a deprecated .NET Remoting HTTP channel on port 8989. Exploitation requires that the port be deliberately made network-accessible; it is not exposed in a default installation. References: product page, vendor advisory PDF, advisory summary.

Why defenders should care - Even when not default-exposed, legacy management channels tend to become reachable through exception rules, vendor access, or flat clinical networks. - The write path to IIS webroot raises webshell risk.

Immediate actions - Upgrade to Sentinel 11.6.0 or later if applicable. - Confirm whether port 8989 is reachable from any untrusted network segment. - Review firewall and ACL changes for historic exposure. - Hunt for unexpected ASPX files in IIS web roots and suspicious remoting traffic.

CVE-2026-5076 in ARMember Premium for WordPress

Wordfence disclosed an insecure password reset mechanism in ARMember Premium for WordPress affecting versions up to and including 7.3.1. The plugin stores a plaintext copy of a reset key in user metadata, which can be abused in combination with another issue such as SQL injection to reset passwords and take over accounts. References: plugin listing, Wordfence advisory.

This follows separate reporting that attackers are already exploiting a critical flaw in the Kirki WordPress plugin, CVE-2026-8206, to hijack admin accounts (source).

Why defenders should care - WordPress compromise often begins with plugin chaining. - Plaintext reset key storage is especially dangerous in environments already exposed to database theft or SQL injection. - Actively exploited WordPress flaws increase urgency across the whole plugin stack.

Immediate actions - Update ARMember to the fixed release once available from the vendor channel you use. - Review whether any SQL injection exposure exists in the same environment. - Rotate passwords for privileged WordPress accounts if compromise is suspected. - Audit plugins broadly, not one at a time.

What Defenders Should Do Today

1) Patch internet-facing CMS and healthcare systems first

Prioritize: - Progress Sitefinity - Spacelabs Sentinel - OpenMed - WordPress plugins with auth or reset logic

If you run a mixed environment, patching order should follow exposure and blast radius: 1. Internet-facing authenticated portals and CMS 2. Systems holding credentials or PII 3. Healthcare and OT systems with legacy service exposure 4. Internal-only tools with no external access

2) Review credentials and token hygiene

The strongest theme in today’s digest is credential abuse: - GitHub tokens from developer tooling - Sitefinity credential exposure - WordPress reset key misuse - Reused passwords in consumer malware campaigns

Do today - Rotate service credentials exposed to vulnerable apps. - Reduce PAT scope and age. - Enforce MFA everywhere feasible. - Search for secrets in repositories and CI logs.

3) Tighten user-driven execution paths

Several stories depend on users clicking, installing, or trusting: - VS Code malicious link flows - Gamer malware and pirated content - AI voice scams

Do today - Block unapproved extensions and unsigned software. - Train users on callback verification. - Reiterate policies against pirated software on work devices. - Add warning banners or browser controls for risky downloads.

4) Hunt for indicators of compromise around the highest-risk paths

Start with: - Web application logs for unauthenticated access spikes - GitHub audit logs for token and OAuth changes - Endpoint telemetry for new loaders, miners, or unusual child processes - IIS directories for rogue ASPX files on Sentinel hosts - WordPress database and admin logs for unexpected reset flows or role changes

Technical Deep Dive

Technical Notes: Sitefinity exposure checks

Use external scanning and internal inventory to identify exposed Sitefinity instances and web roots:

# Example: enumerate known Sitefinity hosts from CMDB export
cat sitefinity_hosts.txt | while read host; do
  echo "=== $host ==="
  curl -k -I --max-time 10 https://$host/ | head
done

Review web server logs for suspicious unauthenticated requests to restricted paths:

# Generic grep example for IIS/WAF exports
grep -Ei 'sitefinity|insight|login|admin|api' *.log | grep -Ei ' 200 | 302 '

What to look for: - Unexpected access to admin or restricted content without a valid session - Requests from new IP ranges before privileged account changes - Traffic to integration endpoints tied to Insight configuration

Technical Notes: GitHub token review

For development teams, check GitHub audit events and recent token changes:

# Example using GitHub CLI for the current authenticated context
gh auth status
gh repo list --limit 20

Operational checks: - Review organization audit logs in GitHub for new PATs, OAuth grants, workflow changes, and repository transfers. - Revoke and reissue tokens for users who interacted with suspicious VS Code content. - Search CI/CD systems for recently failed authentications after token rotation, which may reveal forgotten secrets.

Technical Notes: OpenMed and unsafe model loading

If you operate OpenMed or similar ML-backed services, search configs and code for risky loading behavior:

grep -R "trust_remote_code" /opt /srv /app 2>/dev/null
grep -R "model_name" /opt /srv /app 2>/dev/null

High-risk patterns include: - Any user-controlled model source - Dynamic loading from external repositories at request time - No allow-list for model identifiers - Broad substring routing logic around “privacy-filter” or similar feature flags

Technical Notes: Spacelabs Sentinel port exposure and webshell hunting

Validate whether port 8989 is reachable:

# From an authorized assessment host
nmap -Pn -p 8989 <sentinel-host-or-range>

On Windows/IIS systems, check for suspicious recent ASPX writes:

Get-ChildItem -Path "C:\inetpub\wwwroot" -Recurse -Filter *.aspx |
  Sort-Object LastWriteTime -Descending |
  Select-Object FullName, LastWriteTime -First 20

Also review active listeners:

netstat -ano | findstr :8989

Technical Notes: WordPress plugin and account takeover review

For WordPress, focus on plugin inventory and recent admin changes:

wp plugin list
wp user list --role=administrator
wp option get siteurl

Inspect database fields cautiously and only through approved admin workflows. Watch for: - Unexpected wp_usermeta changes tied to reset actions - New administrator accounts - Login bursts followed by profile or password changes - SQL injection attempts in web server or WAF logs against plugin endpoints

Bottom Line

Today’s Threat Digest is less about a single headline event and more about a familiar defender problem: too many paths to the same outcome. Attackers are still winning through exposed web apps, weak credential handling, permissive plugins, and user-driven trust.

The most practical response is also familiar: - patch exposed systems first, - rotate and reduce credentials, - lock down developer and WordPress ecosystems, - and verify that “non-default” risky services are truly not reachable.

If you only have time for three actions today, make them: 1. patch Sitefinity and review internet exposure, 2. audit GitHub tokens and developer endpoints, 3. review WordPress plugins and privileged account activity.

This article may contain affiliate links. We earn a commission on qualifying purchases at no extra cost to you.

Last verified: 2026-06-03

Disclaimer: This article may contain affiliate links. We earn a commission on qualifying purchases at no extra cost to you.