Microsoft has fixed a vulnerability in its AI-enabled Azure Health Bot that could have allowed attackers to access cross-tenant resources. The elevation of privilege vulnerability was discovered by Tenable researchers in June and patched by July. During routine investigations into data connections, the researchers were able to access an internal Microsoft subscription ID, potentially making other resources accessible.
Amazon Q Vulnerability Let Attackers Execute Code and Access Sensitive Cloud Environments
A high-severity vulnerability in the Amazon Q Developer Extension for Visual Studio Code (VS Code), Amazon’s AI-powered coding assistant. Tracked as CVE-2026-12957 and CVE-2026-12958 and
