RoguePlanet: a new Microsoft Defender zero-day disclosed in the wake of Patch Tuesday Threat Intelligence · Vulnerability June 10, 2026 · Marc-Frédéric Gomez · 6 min read Just hours after the June 2026 fixes shipped, the researcher Nightmare Eclipse published a new exploit targeting Microsoft Defender. It works against Windows systems that are already up…
Artificial Intelligence — vulnerabilities-anthropic What the First Public Update on Claude Mythos Reveals Anthropic published on May 22, 2026 the results of the first month of its defensive initiative. More than 10,000 vulnerabilities of high or critical severity identified, a bottleneck that has shifted from detection to remediation, and an access strategy that draws a…
Technical Analysis · Linux Kernel Vulnerability Reading Root-Owned Files Without Privilege: What CVE-2026-46333 Reveals About Nine Years of Blind Spot in the Linux Kernel A race window in the Linux kernel ptrace access control allows, via pidfd_getfd(2), the theft of file descriptors held by SUID root binaries about to terminate. Two public exploits exfiltrate SSH…
CTI Analysis · Critical Vulnerability BitLocker Is No Longer a Promise: What the YellowKey Case Reveals Two Windows zero-days disclosed without coordination, a researcher openly challenging Microsoft, and a phantom component in the Windows Recovery Environment whose true nature, bug or backdoor, no one can yet determine. Published May 14, 2026 Reading time 15 minutes…
Remote code execution via the Reading Pane, without user interaction Executive summary On May 12, 2026, as part of the monthly Patch Tuesday cycle, Microsoft released a fix for CVE-2026-40361, a critical use-after-free vulnerability (CWE-416) officially classified by the vendor as a “Microsoft Office Word Remote Code Execution Vulnerability” (1) (2). Researcher Haifei Li, founder…
Universal Local Privilege Escalation in the Linux Kernel Executive summary On May 7, 2026, researcher Hyunwoo Kim (alias @v4bel) publicly disclosed a new class of Linux kernel vulnerabilities named Dirty Frag (1) (2). This disclosure, brought forward as a result of an embargo break by an unrelated third party, exposes an exploitation chain combining two…
Technical and Strategic AnalysisFBI/CISA PSA I-032026-PSA — March 20, 2026 | TLP:CLEAR 1. Executive Summary — Board Level / Strategic View On March 20, 2026, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) jointly published a public service announcement (PSA I-032026-PSA) alerting the public to an active campaign by…
On March 13, 2026, Microsoft released out-of-band update KB5084597 to remediate three remote code execution (RCE) vulnerabilities in the RRAS (Routing and Remote Access Service) MMC snap-in: CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111. Attack surface and exploitation vector The vulnerability resides in the RRAS MMC snap-in used for remote server management. The attack vector is client-side: the…
Sources: Krebs on Security · BleepingComputer · Cisco TalosReference: Microsoft Security Update Guide, March 2026Target audience: Windows administrators, SOC teams, CERT/CSIRT, patch management leads Overview On March 10, 2026, Microsoft released its monthly Patch Tuesday security updates, addressing 79 vulnerabilities across Windows, Office, SQL Server, Azure, and several third-party components. Three vulnerabilities are classified as…
