FastAPI Auth Bypass, Train Radio Hack, Windows Sandbox Escape & More

A critical Starlette vulnerability puts FastAPI AI services at risk. A student halts Taiwan trains with a radio hack. Plus, CBSE exam portal flaws, Strix AI RCE, Windows sandbox escape, and ChatGPT phishing.

Chapters:
0:00 Intro
0:09 Starlette Host‑Header Bug (CVE‑2026‑48710) Lets Attackers Bypass FastAPI Auth
0:37 Student Uses TETRA Radio Hack to Halt Taiwan High-Speed Trains
1:04 Critical Flaws Allow Full Account Takeover in India's CBSE Exam Grading Portal
1:29 Prompt Injection Yields RCE in Open-Source Strix AI Pentester
1:55 Researchers Discover CVE-2025-59199: One‑Click Windows Sandbox Escape via URI Handlers
2:26 ChatGPhish: Markdown Links in ChatGPT Enable Phishing Attacks
2:50 Outro

Sources:
• Starlette Host‑Header Bug (CVE‑2026‑48710) Lets Attackers Bypass FastAPI Auth — https://security-tracker.debian.org/tracker/CVE-2026-48710
• Student Uses TETRA Radio Hack to Halt Taiwan High-Speed Trains — https://www.midnightblue.nl/blog/analyzing-the-taiwan-high-speed-rail-thsr-tetra-cyber-incident-part-1
• Critical Flaws Allow Full Account Takeover in India's CBSE Exam Grading Portal — https://ni5arga.com/blog/posts/hacking-cbse
• Prompt Injection Yields RCE in Open-Source Strix AI Pentester — https://baldur.dk/blog/strix-ai-pentester-rce.html
• Researchers Discover CVE-2025-59199: One‑Click Windows Sandbox Escape via URI Handlers — https://www.safebreach.com/blog/click-or-trick-cve-2025-59199-escaping-the-sandbox-with-windows-uris/
• ChatGPhish: Markdown Links in ChatGPT Enable Phishing Attacks — https://permiso.io/blog/chatgpt-markdown-rendering-vulnerability

Full briefing & links: https://news.lodehq.com/a/infosec/2026-05-31

Видео FastAPI Auth Bypass, Train Radio Hack, Windows Sandbox Escape & More канала LodeHQ