https://invaders.ie/resources/blog/cloud-and-application-security/cve-2026-45829-chromadb-pre-auth-rce-risk-in-ai-stacks Invaders Security en 2026-05-20T08:11:09.495Z CVE-2026-45829: ChromaDB Pre-Auth RCE Risk in AI Stacks CVE-2026-45829, ChromaDB vulnerability, ChromaDB pre-auth RCE, AI security, vector database security, trust_remote_code, Hugging Face model loading https://invaders.ie/resources/blog/vulnerability/cve-2026-41615-microsoft-authenticator-token-theft-risk Invaders Security en 2026-05-19T16:29:55.680Z CVE-2026-41615: Microsoft Authenticator Token Theft Risk CVE-2026-41615, Microsoft Authenticator vulnerability, Microsoft Authenticator token theft, enterprise MFA prompt abuse, work account token theft, identity security https://invaders.ie/resources/blog/supply-chain-attack/github-action-tag-hijack-ci-cd-credential-theft Invaders Security en 2026-05-19T08:09:56.939Z GitHub Action tag hijack turns CI/CD runs into credential theft GitHub Actions supply chain attack, actions-cool issues-helper compromise, GitHub Action tag hijack, CI/CD credential theft, imposter commit, GitHub Actions pin to commit SHA