Threat Briefs: 38
Active Threats: 13
CISA KEV Listed: 10
No Patch Yet: 4

Latest

Threats & Attacks

AI Security · IDE · CVSS 9.8 · Zero-Click
DuneSlide: Zero-Click Prompt Injection Escapes Cursor’s Sandbox on Fortune 500 Machines — CVSS 9.8, MCP Response Enough

Normal prompt. Agent reads MCP response. Sandbox binary overwritten. No click. Full machine. Cursor used by 50%+ Fortune 500. Cato: similar flaws in all popular coding agents. Update to Cursor 3.0 now.

July 2, 2026

Endpoint Security · Windows · RoguePlanet Unpatched
Six Microsoft Defender Zero-Days in 90 Days — Three Exploited Before Patches, One Still Open Today

BlueHammer CISA KEV. UnDefend silently degrades protection. RoguePlanet: no patch, works on fully patched Win10/11. Microsoft vs researcher — community sided against Microsoft.

July 1, 2026

AI Security · Prompt Injection · Reverse Shell
Claude Code Reverse Shell — Mozilla 0DIN: Clean GitHub Repo, Zero Malicious Code, No Scanner Catches It

Payload in DNS TXT record — never in repo. Static analysis, human review, AI agent: all blind. “Claude Code never decided to open a shell. It decided to fix an error.”

July 1, 2026

Identity Security · PhaaS · 37x Spike
Device Code Phishing: 37x Spike, 18 Kits, MFA Bypass That Survives Password Resets

Bypasses TOTP, push, SMS. Token survives password resets. Conditional Access doesn’t block it by default. FBI advisory on Kali365.

June 29, 2026

Linux Kernel · Root Exploit · FIM Blind
CVE-2026-46331 (pedit COW): Linux Kernel Root Exploit — FIM Says Everything Is Fine

Never touches disk. Poisons kernel page cache. FIM, Tripwire, AIDE all report clean. Ubuntu patches pending.

June 28, 2026

Supply Chain · CI/CD · 300+ Repos
Cordyceps: Free GitHub Account Hijacks CI/CD at Microsoft, Google, Apache, Cloudflare

No org membership. Owner-level Google Cloud. Non-expiring Microsoft Sentinel keys. Python Black for 130M installs. AI agents reproducing the pattern.

June 25, 2026

Analysis

Intelligence & Deep Dive

The DataWater Intelligence Brief

Weekly CISO-level threat analysis — breaking vulnerabilities, technical depth, zero noise.