Breach of Confidence: 05 June 2026

A security blog roundup highlighting several recent incidents and risks: a developer-supplied repository booby-trap, FBI contact with a journalist, a Raspberry Pi implanted in a bank switch to replay PIN verifications and drain ATMs, a GitHub VSCode webview bug that leaks full repo tokens, concerns about privileged AI agent harnesses, the European Parliament switching search engines, and internal rule enforcement by the Nova ransomware gang.