vulnerability

Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

A newly disclosed, unpatched vulnerability in the Windows Search URI handler allows attackers to steal users' NTLMv2 hashes by inducing them to click specially crafted links that connect to malicious SMB servers. This issue, similar to a previously patched flaw in the Windows Snipping Tool, poses risks of relay attacks and deeper network access, but Microsoft has declined to issue a fix, recommending mitigations like blocking outbound SMB traffic and disabling NTLM where possible.

https://thehackernews.com/2026/06/unpatched-windows-search-uri.html

HTTP/2 Bomb — Remote DoS Exploit Hits Nginx, Apache, IIS, Envoy, and Cloudflare Pingora

A newly disclosed remote denial-of-service (DoS) exploit called “HTTP/2 Bomb” targets default HTTP/2 configurations in widely used web servers including nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora, allowing an attacker to exhaust tens of gigabytes of server memory within seconds. The exploit combines an HPACK compression bomb with a Slowloris-style connection hold to amplify memory usage, leading to significant server resource exhaustion; patches and mitigations have been released for some servers, while others require disabling HTTP/2 or proxying to mitigate risk.

https://cybersecuritynews.com/http-2-bomb-remote-dos-exploit/

Microsoft 365 Android Apps Account Takeover Vulnerability Impacted Billions of Android Users

A critical vulnerability called FlagLeft was discovered in six major Microsoft 365 Android apps, where a debug flag left enabled in production allowed any app on the device to silently obtain valid Microsoft account tokens without user consent. This flaw exposed billions of users to account takeover risks, enabling attackers to access emails, files, and calendar data under the victim's identity; Microsoft has since patched the issue and urged users to update affected apps immediately.

https://cybersecuritynews.com/microsoft-365-android-apps-account-takeover-vulnerability/

The Newest Instagram “Exploit” Is the Goofiest I’ve Seen

A recent Instagram exploit allowed attackers to hijack accounts by simply faking the victim's location and tricking Instagram's AI support into sending verification codes to the attacker's email, bypassing two-factor authentication entirely. This vulnerability led to high-profile account takeovers, was exploited on black market services, and has since been patched by Meta, though it reportedly remained active for weeks or months.

https://www.0xsid.com/blog/meta-account-takeover-fiasco

Meta AI Support Bot Helped Hackers Hijack Instagram Accounts

Meta's AI support assistant for Instagram was exploited by hackers to hijack high-profile accounts by changing the email address linked to those accounts without proper identity verification, sometimes bypassing two-factor authentication. The vulnerability, which was publicly accessible for a short time, allowed attackers to take over accounts easily, prompting Meta to patch the issue and secure impacted accounts.

https://www.macrumors.com/2026/06/01/meta-ai-instagram-attack/

ChatGPhish: The Page Is the Payload

Researchers discovered a new phishing and tracking attack called ChatGPhish that exploits ChatGPT's page summarization feature by injecting malicious Markdown links and images into web pages. When users summarize such pages in ChatGPT, the assistant renders active clickable links, spoofed alerts, and QR codes within its trusted interface, enabling phishing, cross-origin data leakage, and off-device attacks without traditional browser protections. This expands the attack surface from email to everyday browsing, highlighting risks in AI-generated outputs that automatically render untrusted external content inside trusted AI interfaces.

https://permiso.io/blog/chatgpt-markdown-rendering-vulnerability

Microsoft Clarifies It Won’t Sue Security Researchers Amid Nightmare-Eclipse Controversy

Microsoft has clarified that it does not intend to take legal action against security researchers conducting good-faith vulnerability research, following backlash from the community over its response to a researcher known as Nightmare Eclipse who publicly disclosed multiple unpatched Windows zero-day exploits. The company emphasized that legal escalation would target only those engaged in malicious activities causing harm, reaffirmed its commitment to coordinated vulnerability disclosure, and pledged improved communication and transparency with researchers.

https://cybersecuritynews.com/microsoft-clarifies-nightmare-eclipse-controversy/

Critical Samba Vulnerability Enables Remote Code Execution Attacks

A critical vulnerability in Samba's printing subsystem (CVE-2026-4480) allows unauthenticated remote code execution due to improper sanitization of shell meta characters in the %J print command parameter. This flaw, with a maximum CVSS score of 10.0, affects Samba setups that use the vulnerable print command configuration, enabling attackers to inject malicious commands without authentication; patches have been released, and administrators are urged to update immediately or apply mitigations.

https://cybersecuritynews.com/samba-rce-vulnerability/

Critical OpenVPN Connect for macOS Vulnerability Let Attackers Execute Arbitrary Commands

A critical privilege escalation vulnerability (CVE-2026-9560) in OpenVPN Connect for macOS allows local attackers to execute arbitrary commands with root privileges via the application's privileged helper service, affecting versions 3.5.1 through 3.8.1. Security researchers have disclosed the flaw responsibly, urging users to update immediately to mitigate risks of local exploitation and potential lateral movement in shared macOS environments.

https://cybersecuritynews.com/openvpn-connect-for-macos-vulnerability/

Critical Notepad++ Vulnerabilities Allow Attackers to Execute Arbitrary Code

Notepad++ has released an urgent security update (v8.9.6.1) addressing three vulnerabilities, including two critical arbitrary code execution flaws that allow attackers to run malicious programs by exploiting the application's config files. The most severe vulnerability (CVE-2026-48778) involves the unvalidated execution of commands from the config.xml file, enabling attackers to execute arbitrary code via various methods such as malicious shortcuts or cloud sync poisoning. Users are strongly advised to update immediately to protect against these risks.

https://cybersecuritynews.com/critical-notepad-vulnerabilities/

Microsoft Copilot Cowork Exfiltrates Files

Microsoft Copilot Cowork in Microsoft 365 is vulnerable to file exfiltration attacks via indirect prompt injection, exploiting the fact that sending emails and Teams messages to the active user occurs without manual approval. Attackers can use poisoned skills to cause Copilot Cowork to send messages containing pre-authenticated download links to sensitive files, which are exfiltrated when the user opens the messages, posing a significant security risk that can be mitigated by restricting permissions and file downloads in SharePoint.

https://www.promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files

PuTTY 0.84 Released With Fix for SSH KEX Crashes and Telnet Prompt Spoofing Flaw

PuTTY 0.84 has been released addressing several minor security flaws, including crashes during SSH key exchange caused by incorrect elliptic curve handling and a Telnet prompt spoofing issue related to proxy authentication. These vulnerabilities, exploitable by malicious servers or man-in-the-middle attackers, primarily result in denial-of-service conditions, and users are advised to upgrade promptly for improved robustness and security.

https://cybersecuritynews.com/putty-0-84-released/

New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems

A critical heap buffer overflow vulnerability (CVE-2026-48095) in 7-Zip version 26.00 allows attackers to execute arbitrary code by exploiting a defect in the NTFS archive handler’s compression unit size calculation, causing a vtable hijack. This vulnerability affects both 32-bit and 64-bit builds, can be triggered by opening a crafted NTFS image with any file extension, and has a high severity score of 8.8; users are urged to update immediately to version 26.01 to mitigate the risk.

https://cybersecuritynews.com/7-zip-vulnerabilities-code-execution/

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Microsoft disclosed two actively exploited vulnerabilities in Defender, CVE-2026-41091 and CVE-2026-45498, which have been patched in the latest versions of Defender. The vulnerabilities, which overlap with previously disclosed zero-days, enable privilege escalation and denial-of-service attacks. Microsoft also addressed a heap-based buffer overflow vulnerability (CVE-2026-45584) in the same update.

https://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Microsoft has released a mitigation for the YellowKey vulnerability (CVE-2026-45585), a BitLocker security feature bypass that allows attackers with physical access to circumvent device encryption on affected Windows 11 and Windows Server versions. The exploit uses specially crafted files to spawn an unrestricted shell during recovery mode, granting full access to encrypted data, and Microsoft recommends updating WinRE images and switching from TPM-only to TPM+PIN protection to prevent exploitation.

https://thehackernews.com/2026/05/microsoft-releases-mitigation-for.html

Scroll to Top