IT News Roundup: VS Code Zero-Day, Meta AI Funding, FIFA Cyber Scams - June 6, 2026

The technology landscape this week is defined by escalating security concerns around developer tools, massive capital raises fueling the AI infrastructure arms race, and the growing threat of event-driven cybercrime. Below are the key stories from the past 24 hours.

VS Code Zero-Day Lets Attackers Steal GitHub Tokens in One Click

A critical security vulnerability in Microsoft Visual Studio Code has been publicly disclosed that allows attackers to steal GitHub OAuth tokens with a single click. Security researcher Ammar Askar released the details on June 2, 2026, revealing that the flaw in VS Code's webview implementation can be exploited through github.dev to extract authentication tokens including read/write access to private repositories.

The vulnerability has no assigned CVE identifier and Microsoft has not yet released a patch. Exploit code has been made publicly available, raising the urgency for developers to limit GitHub token scopes and consider disabling github.dev access until a fix is deployed. The one-click nature of the attack means even experienced developers are at risk if they open a malicious link within the editor.

Source: BleepingComputer, SecurityWeek

Meta Considers Multi-Billion Dollar Stock Offering to Fund AI Ambitions

Meta Platforms is reportedly exploring a stock offering that could raise tens of billions of dollars, according to the Financial Times. The move follows Alphabet's successful $85 billion equity sale and signals that Big Tech companies are increasingly turning to capital markets to fund their massive AI infrastructure investments beyond what operating cash flows can support.

Meta shares dropped approximately 6.6% on the news as investors reacted to the potential dilution and the company's escalating spending trajectory. The capital raise would be directed toward AI data centers, model training, and the broader infrastructure needed to compete in the generative AI race. The development underscores how the AI arms race has pushed spending to levels where even cash-rich tech giants must look to equity markets.

Source: CNBC, Bloomberg

Black Duck 2026 OSSRA Report: Open Source Vulnerabilities Have Doubled

Black Duck has released its 2026 Open Source Security and Risk Analysis (OSSRA) report, revealing that the mean number of open source vulnerabilities per codebase has more than doubled, jumping 107% year-over-year to 581 vulnerabilities. The report attributes the surge to AI-accelerated code creation, with open source component counts increasing 30% and the number of files per codebase growing 74%.

The findings show that 87% of codebases are now at risk, with 65% having been hit by attacks. License conflicts have also surged to their highest levels in the report's history. The data highlights a growing challenge for development teams: the speed at which AI tools generate and incorporate open source components is outpacing the ability to properly audit and secure them.

Source: Black Duck Blog, PR Newswire

CrowdStrike CEO Warns AI Security Fears Will Drive Growth

CrowdStrike CEO and founder George Kurtz stated that concerns surrounding AI-powered cyber threats are becoming a significant tailwind for the cybersecurity company in the coming quarters. During a recent earnings discussion, Kurtz noted that while it was too early for specific AI security incidents to meaningfully impact first-quarter results, the trend of threat actors leveraging AI tools is accelerating.

Kurtz has previously warned at industry conferences that enterprises are rapidly losing visibility and control over AI systems deployed within their environments. The growing sophistication of AI-assisted attacks is expected to drive increased demand for endpoint detection and response capabilities, positioning CrowdStrike and similar platforms to benefit from the shifting threat landscape.

Source: CNBC

FIFA World Cup 2026 Cyber Scam Ecosystem Already Active

With the 2026 FIFA World Cup approaching, researchers and the FBI have documented a sprawling cyber scam ecosystem already targeting fans. Over 65,000 domain registrations linked to phishing and ticket fraud have been identified, with threat actors spoofing legitimate FIFA websites and registering lookalike domains. Check Point Research analysis of more than 13,000 associated domains reveals clear patterns in registrar usage, TLD selection, and hosting providers.

The attack surface includes fake ticket stores, betting scams, phishing campaigns, and banking malware distributed through counterfeit streaming apps. The US, Canada, and Mexico are seeing the highest concentration of attacks. Organizations and individuals are advised to verify domain legitimacy and avoid downloading unofficial streaming applications ahead of the tournament.

Source: FBI IC3, The Hacker News, Check Point Research

SpaceX Files for Up to One Million Orbital AI Data Center Satellites

SpaceX has filed with the Federal Communications Commission to launch up to one million solar-powered satellites designed to serve as orbital AI data centers. The filing, part of the broader SpaceX IPO preparation process, outlines plans to use Starlink in-orbit technology to optimize AI compute in space. The company is also building out chip manufacturing efforts in partnership with Tesla.

The proposal has drawn attention from investors and analysts as part of the anticipated 2026 SpaceX IPO roadshow. Industry observers note that orbital data centers could address growing concerns about terrestrial power constraints for AI training workloads, though the technical and regulatory challenges of deploying such infrastructure at scale remain significant.

Source: Stratechery, KraneShares

Google Cloud Next 2026: Gemini Enterprise Agent Platform

Google has introduced the Gemini Enterprise Agent Platform, a comprehensive system for building, scaling, governing, and optimizing AI agents for enterprise use. Announced at Google Cloud Next 2026, the platform integrates model selection, building, and agent orchestration capabilities from Vertex AI with new features for agent integration, DevOps, and security governance.

The platform is positioned as the foundation for what Google calls the "agentic enterprise" — a shift from delegating tasks to individual AI models toward managing autonomous agent systems that handle complete business outcomes. The announcement also included details on Google's eighth-generation Tensor Processing Units (TPUs) designed to support the increased compute demands of agent-based workloads.

Source: Google Blog, Google Cloud Blog