Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft MDASH enters limited private preview for AI-driven vulnerability discovery at scale

Security Tool/Service
First reported
Last updated
Happening score
H score 26
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft's MDASH has entered limited private preview, adding a new AI-driven vulnerability discovery service that can validate and prove exploitable defects at scale. The system matters because it is designed to move from candidate findings to validated bugs across complex codebases such as Windows. Early testing already surfaced 16 Windows flaws fixed in Patch Tuesday, including two critical remote-code-execution issues.

Related Happenings

Amazon security patch release for CVE-2026-50549

Security Patch Release
H score29 First: 09.07.2026 14:00 Last: 09.07.2026 14:00 Sources 1

About this happening: **Amazon, Google and Cursor** shipped fixes for **GhostApproval**, a flaw in AI coding assistants that let deceptive repository paths bypass approval prompts. The patch response c...

AI coding assistants GhostApproval symlink security flaw

Vulnerability
H score22 First: 09.07.2026 07:27 Last: 09.07.2026 07:27 Sources 1

About this happening: A **July 8** disclosure identified **GhostApproval**, a **symlink** flaw in **six AI coding assistants** that can redirect approved writes into **~/.ssh/authorized_keys** or **~/....

Defensive guidance for splitting behavioral detections around AI coding agents on Windows endpoints

Defensive Guidance
First: 08.07.2026 20:02 Last: 08.07.2026 20:02 Sources 1

About this happening: AI coding agents on **Windows endpoints** are triggering attacker-style detections, forcing defenders to separate benign automation from real **credential theft** risk. A **June 2...

SKILLCLOAK and SKILLDETONATE expose AI coding-agent skill scanner evasion with runtime-packed malware

Technical Analysis
H score22 First: 06.07.2026 09:33 Last: 06.07.2026 09:33 Sources 1

About this happening: **SKILLCLOAK** shows that malicious **AI coding-agent skills** can be rewritten to evade static scanners while still executing, exposing **credentials**, **source code**, and term...

Microsoft Quantum Safe Program PQC transition

Advisory/Mitigation
H score25 First: 01.07.2026 00:20 Last: 01.07.2026 00:20 Sources 1

About this happening: **Microsoft** is **accelerating** its **Quantum Safe Program** to move **critical products and services** to **post-quantum cryptography (PQC)** by **2029**, tightening the organi...

Timeline

  1. 13.05.2026 16:46 2 articles · 1mo ago

    Microsoft unveils MDASH in limited private preview

    Initial Disclosure

    Microsoft unveiled MDASH, a multi-model agentic scanning harness in limited private preview that uses more than 100 specialized AI agents to discover, validate, and prove exploitable defects in complex codebases like Windows. The system had already been tested on Windows code and identified 16 vulnerabilities fixed in Patch Tuesday, including CVE-2026-33824 in ikeext.dll and CVE-2026-33827 in tcpip.sys, both of which could lead to remote code execution.

    Show sources