vulnerability

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

A nine-year-old Linux kernel vulnerability (CVE-2026-46333) allows unprivileged users to execute commands as root on major distributions like Debian, Fedora, and Ubuntu. The flaw, discovered by Qualys, is rooted in the kernel’s __ptrace_may_access() function and can be exploited through various methods. It’s recommended to apply the latest kernel updates or use temporary workarounds to mitigate the risk.

https://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html

Windows Zero-Day Barrage Continues After Patch Tuesday

Security researcher “Nightmare Eclipse” has disclosed six Windows zero-day vulnerabilities over the past six weeks, including new flaws named YellowKey, GreenPlasma, and MiniPlasma, following Microsoft's May 2026 Patch Tuesday. These vulnerabilities enable severe attacks such as bypassing BitLocker encryption, privilege escalation, and disabling Microsoft Defender, with some already actively exploited, highlighting significant ongoing security challenges for Windows users despite patches.

https://www.darkreading.com/cyberattacks-data-breaches/windows-zero-day-barrage-continues-after-patch-tuesday

Google Publishes Exploit Code Threatening Millions of Chromium Users

Google has published exploit code for a long-known, unfixed vulnerability in the Chromium browser engine that threatens millions of users of Chrome, Microsoft Edge, and other Chromium-based browsers. The exploit abuses the Browser Fetch API to create persistent background connections, enabling attackers to monitor user activity, proxy traffic, and conduct denial-of-service attacks, effectively turning affected devices into a limited botnet; the vulnerability was privately reported to Google 42 months ago but remains unpatched.

https://arstechnica.com/security/2026/05/google-publishes-exploit-code-threatening-millions-of-chromium-users/

Microsoft Exchange Zero-Day Under Attack, No Patch Available

Microsoft disclosed a zero-day vulnerability (CVE-2026-42897) in Exchange Outlook Web Access (OWA) that is actively being exploited and stems from a cross-site scripting (XSS) flaw allowing attackers to compromise mailboxes and execute spoofing attacks. While no patch is yet available, Microsoft recommends enabling the Exchange Emergency Mitigation Service or applying an updated mitigation tool to reduce risk until a security update is released.

https://www.darkreading.com/vulnerabilities-threats/microsoft-exchange-zero-day-no-patch

Google’s AI Is Being Manipulated. The Search Giant Is Quietly Fighting Back

A BBC investigation revealed that AI chatbots like Google's AI and ChatGPT can be easily manipulated by publishing targeted content online, causing them to spread misinformation on critical topics such as health and finance. In response, Google has updated its spam policies to combat such manipulation, signaling increased efforts by AI companies to prevent abuse, though experts warn that manipulators often stay ahead and users should remain cautious about AI-generated answers.

https://www.bbc.com/future/article/20260519-google-tackles-attempts-to-hack-its-ai-results

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

Cybersecurity researchers have revealed a new Linux backdoor called PamDOORa, sold on a Russian cybercrime forum, which exploits Pluggable Authentication Modules (PAM) to steal SSH credentials and enable persistent access through a magic password and specific TCP port. Designed as a sophisticated post-exploitation tool with anti-forensic features, PamDOORa runs with root privileges to capture user credentials and tamper with authentication logs, representing an evolution in Linux PAM-based backdoors.

https://thehackernews.com/2026/05/new-linux-pamdoora-backdoor-uses-pam.html

OpenAI’s GPT-5.5 Is as Good as Mythos at Finding Security Vulnerabilities – Schneier on Security

The UK’s AI Security Institute evaluated OpenAI’s GPT-5.5 and found that its capability to identify security vulnerabilities is comparable to Anthropic’s Claude Mythos model, with GPT-5.5 being generally available. This evaluation highlights the advancing role of large language models in cybersecurity, although discussions note limitations in reasoning and the potential plateau in detecting new attack classes without human input.

https://www.schneier.com/blog/archives/2026/05/openais-gpt-5-5-is-as-good-as-mythos-at-finding-security-vulnerabilities.html

Frontier AI Models Reap Rapid Discovery of Security Vulnerabilities

Frontier AI models, such as those tested by Palo Alto Networks under Project Glasswing, are accelerating the discovery of software security vulnerabilities, with 26 new common vulnerabilities recently disclosed compared to the usual five. While these AI tools offer potential for integrating security into the software development lifecycle, experts warn organizations have a limited three- to five-month window to leverage AI defensively before AI-driven exploitation becomes widespread.

https://www.cybersecuritydive.com/news/frontier-ai-rapid-discovery-security-vulnerabilities/820258/

Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks

A critical 18-year-old heap buffer overflow vulnerability (CVE-2026-42945) has been discovered in NGINX's ngx_http_rewrite_module, enabling unauthenticated remote code execution (RCE) attacks. The flaw, present since 2008 and affecting numerous NGINX products, arises from a mismatch in URL rewriting logic and has a CVSS score of 9.2; security updates have been released and urgent patching is recommended.

https://cybersecuritynews.com/18-year-old-nginx-rce-vulnerability/

Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Microsoft has introduced MDASH, a multi-model AI-driven system designed to autonomously discover, validate, and prove exploitable vulnerabilities in complex codebases like Windows. Tested in a private preview, MDASH identified 16 flaws fixed in the latest Patch Tuesday, including critical remote code execution vulnerabilities in Windows networking and authentication components. This system represents a production-grade advancement in AI vulnerability discovery by orchestrating over 100 specialized AI agents to enhance security at enterprise scale.

https://thehackernews.com/2026/05/microsofts-mdash-ai-system-finds-16.html

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

Microsoft released patches addressing 138 security vulnerabilities across its product portfolio, including critical remote code execution flaws in Windows DNS and Netlogon components. These fixes, part of the May 2026 Patch Tuesday, also involve privilege escalation, information disclosure, and spoofing issues, with several vulnerabilities identified through Microsoft's new AI-driven discovery system, highlighting the growing role of AI in vulnerability detection.

https://thehackernews.com/2026/05/microsoft-patches-138-vulnerabilities.html

Mystery Microsoft Bug Leaker Keeps the Zero-Days Coming

An anonymous researcher known as Nightmare-Eclipse has released two new Microsoft Windows zero-day vulnerabilities—YellowKey, a BitLocker bypass allowing unrestricted access to encrypted machines via USB, and GreenPlasma, a privilege escalation flaw granting SYSTEM access. Security experts warn these exploits pose serious risks, especially for stolen devices and post-compromise attacks, with no known mitigation currently available for GreenPlasma; this continues an ongoing series of damaging disclosures by the researcher following a claimed breach of trust with Microsoft.

https://www.theregister.com/security/2026/05/13/disgruntled-researcher-releases-two-more-microsoft-zero-days/5239758

Microsoft Teams Vulnerability Allows Hackers to Perform Spoofing Attacks

A newly disclosed vulnerability (CVE-2026-32185) in Microsoft Teams for Android allows local attackers to perform spoofing attacks by exploiting improper file and directory access controls, potentially deceiving users into trusting malicious content. Although exploitation requires user interaction and is limited to local environments, the flaw poses a high impact on data confidentiality; Microsoft has released a patch urging users to update immediately to mitigate risks.

https://cybersecuritynews.com/microsoft-teams-vulnerability-spoofing/

Copy.Fail Linux Vulnerability – Schneier on Security

The Copy.Fail vulnerability is a significant local privilege escalation flaw in the Linux kernel disclosed in April 2026, allowing attackers with limited access to escalate privileges to root by exploiting the kernel crypto API and splice() without modifying files on disk, thus evading detection. Affecting major distributions and shared infrastructure environments like Kubernetes, this vulnerability undermines isolation between users and containers, prompting urgent patch rollouts and discussions about new mitigation strategies such as emergency kernel “killswitches.”

https://www.schneier.com/blog/archives/2026/05/copy-fail-linux-vulnerability.html

New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

A new tool called BitUnlocker exploits a vulnerability in Windows 11's BitLocker encryption, allowing attackers with physical access to decrypt protected volumes in under five minutes by using a downgrade attack on the boot manager. The attack leverages an unrevoked legacy signing certificate, enabling a pre-patch vulnerable boot manager to pass Secure Boot validation, but Microsoft mitigations like enabling TPM+PIN authentication and deploying update KB5025885 can protect systems against this exploit.

https://cybersecuritynews.com/bitunlocker-downgrade-attack-on-windows-11/

Scroll to Top