Microsoft AutoGen Studio AutoJack MCP WebSocket command execution security flaw
Vulnerability
Summary
Hide ▲
Show ▼
Microsoft’s AutoJack chain exposed AutoGen Studio to arbitrary command execution for developers building from the main GitHub branch before the hardening commit.
Related Happenings
AutoGen Studio MCP WebSocket localhost trust bypass RCE flaw
Vulnerability
H score29
First: 19.06.2026 18:30
Last: 19.06.2026 18:30
Sources 1
About this happening:
A **remote code execution** flaw in **AutoGen Studio** affects the **MCP WebSocket** surface in pre-release builds **0.4.3.dev1** and **0.4.3.dev2**. The exploit chain uses a **lo...
AutoGen Studio MCP WebSocket localhost trust bypass RCE flaw
VulnerabilityAbout this happening: A **remote code execution** flaw in **AutoGen Studio** affects the **MCP WebSocket** surface in pre-release builds **0.4.3.dev1** and **0.4.3.dev2**. The exploit chain uses a **lo...
AUDIOFIX and MiniRAT macOS malware activity
Malware Activity
H score34
First: 28.05.2026 10:54
Last: 28.05.2026 10:54
Sources 1
About this happening:
The **AUDIOFIX** and **MiniRAT** malware activity is targeting **cryptocurrency firms** and **developer infrastructure** on **macOS** with **LinkedIn recruiter** lures, a fake mee...
AUDIOFIX and MiniRAT macOS malware activity
Malware ActivityAbout this happening: The **AUDIOFIX** and **MiniRAT** malware activity is targeting **cryptocurrency firms** and **developer infrastructure** on **macOS** with **LinkedIn recruiter** lures, a fake mee...
SHub Reaper macOS infostealer variant
Malware Activity
H score23
First: 19.05.2026 00:42
Last: 19.05.2026 00:42
Sources 1
About this happening:
The **SHub Reaper** macOS infostealer now uses **AppleScript** and a fake **Apple security update** lure to infect Macs, raising the risk of credential theft and remote access. It...
SHub Reaper macOS infostealer variant
Malware ActivityAbout this happening: The **SHub Reaper** macOS infostealer now uses **AppleScript** and a fake **Apple security update** lure to infect Macs, raising the risk of credential theft and remote access. It...
StoatWaffle malware distributed through malicious VS Code projects
Malware Activity
H score29
First: 23.03.2026 20:09
Last: 23.03.2026 20:09
Sources 1
About this happening:
The **StoatWaffle** malware is being delivered through malicious **VS Code projects**, creating a live risk of **credential theft** and **remote command execution** on developer s...
StoatWaffle malware distributed through malicious VS Code projects
Malware ActivityAbout this happening: The **StoatWaffle** malware is being delivered through malicious **VS Code projects**, creating a live risk of **credential theft** and **remote command execution** on developer s...
DRILLAPP JavaScript backdoor through Microsoft Edge
Malware Activity
H score24
First: 16.03.2026 11:07
Last: 16.03.2026 11:07
Sources 1
About this happening:
Observed in **February 2026**, the **DRILLAPP** backdoor now runs through **Microsoft Edge**, giving it **file access** plus access to the **microphone**, **webcam**, and **screen...
DRILLAPP JavaScript backdoor through Microsoft Edge
Malware ActivityAbout this happening: Observed in **February 2026**, the **DRILLAPP** backdoor now runs through **Microsoft Edge**, giving it **file access** plus access to the **microphone**, **webcam**, and **screen...
Timeline
-
22.06.2026 20:28 2 articles · 1h ago
Microsoft remediates AutoJack in AutoGen Studio before PyPI release
Initial DisclosureMicrosoft remediated AutoJack, a vulnerability chain in AutoGen Studio's MCP WebSocket path that could let a malicious webpage trick a developer's browsing agent into launching attacker-chosen PowerShell, Bash, or other executables on the host. Exposure was limited to developers who built AutoGen Studio from the main GitHub branch before commit b047730, and the affected code never shipped in a PyPI package.
Show sources
- Microsoft fixes AutoGen Studio flaw that enabled code execution — www.bleepingcomputer.com — 22.06.2026 20:28
- Microsoft fixes AutoGen Studio flaw that enabled code execution — www.bleepingcomputer.com — 22.06.2026 20:28