#zeroday — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #zeroday, aggregated by home.social.
-
⚠️ #Security alert! A new #ZeroDay exploit called #YellowKey has been discovered that puts the integrity of systems at risk. 🛡️
It is very important to stay informed about this threat and to take extra precautions until an official patch is published. 🚨
Read all the details here:
https://blog.elhacker.net/2026/05/un-exploit-zero-day-llamado-yellowkey.html
#Ciberseguretat #YellowKey #Exploit #Hacking #InfoSec #Tech #Alerta
-
#ZeroDay vulnerability found by AI: #Google :google: allegedly prevents cyberattack | Security https://www.heise.de/news/Google-Cyberangriff-mittels-per-KI-gefundener-Zero-Day-Luecke-abgewehrt-11290551.html #ArtificialIntelligence #AI #0day
-
Breakthrough! For the first time, Google has stopped a "zero-day" exploit created by AI. This is a milestone in cybersecurity! What does it mean for the protection of your data? Check the details: https://implementi.ai/pl/2026/05/11/google-halts-ai-developed-zero-day-hack/ #Google #ZeroDay #AI
-
Windows Zero-Days Expose BitLocker, CTFMON Vulnerabilities
A security researcher has uncovered a pair of alarming Windows zero-day vulnerabilities, including a BitLocker bypass and a privilege-escalation exploit that can be triggered with just a USB drive. Dubbed YellowKey, this exploit can even surface a shell on BitLocker-protected systems, giving attackers an easy way in.
#WindowsZerodays #Bitlocker #SupplyChain #EmergingThreats #ZeroDay
-
Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor | Tom's Hardware
-
This affects so many companies..
-
BitLocker Zero-Day Exposes Windows Drives to Unauthorized Access
A security researcher, Chaotic Eclipse, has dropped a bombshell by releasing proof-of-concept code for two unpatched Windows vulnerabilities, citing frustration with Microsoft's handling of previous bug reports. This move exposes Windows drives to unauthorized access, even with TPM+PIN protection in place.
-
The mitigations for #DirtyFrag also apparently prevent #Fragnesia #Linux #InfoSec #ZeroDay #0day
-
Google researchers found a zero‑day exploit likely developed with AI, designed to bypass 2FA.
Unusual code patterns - including hallucinated CVSS scores - gave it away.
-
AI wrote a zero-day exploit. Google caught it because… it was too "well-behaved"
Google Threat Intelligence Group (GTIG), together with the Mandiant team, announced the detection of the first-ever zero-day exploit created with clear support from a language model (LLM).
The hackers used artificial intelligence to hit a popular open-source administration tool and bypass two-factor authentication (2FA).
An overly diligent student gives the hacker away
What is most fascinating about this case is that the artificial intelligence "ratted out" its creators through… excessive diligence. Google's experts identified AI involvement in creating the malicious code from several specific traits that do not occur in "traditional" malware (that is, malware created by humans). What gave away the AI authorship?
- Textbook style: the Python script was written extremely cleanly, in an almost academic manner.
- Overzealous comments: the code contained a great many educational module descriptions, which is typical of chatbot-generated answers and unnecessary for hackers.
- "Hallucinations" in the code: the AI added made-up CVSS scores (the vulnerability severity rating system) to the script, which hackers would never have put there.
- Aesthetics above all: the script contained an elaborate help menu and classes for coloring console text (ANSI color), which suggests that the hacker asked the AI for a "nice and professional program".
China and North Korea on "prompts"
Google's report also sheds light on how state hacking groups "jailbreak" AI models to make them do their dirty work.
The Chinese group UNC2814 uses a "persona" technique: they tell the artificial intelligence to play the role of a "senior security auditor", which makes it possible to bypass the filters that block the generation of malicious code. The Korean group APT45, in turn, floods models with thousands of repetitive requests to analyze known vulnerabilities (CVEs), treating AI as a free intern for the tedious work of hunting for security holes.
What does this mean for us?
We have not yet lived to see a "Terminator" that invents weapons of mass destruction on its own, but we are witnessing the birth of the "Script Kiddie 2.0" era. AI simply lowers the barrier to entry into advanced cybercrime a great deal. Instead of years of learning to write exploits, a clever set of prompts and a bit of knowledge are enough to "weaponize" a new vulnerability in a system.
The good news? For now, AI writes code so distinctive that defensive systems (including AI-based ones) can catch it precisely because of its "textbook" quality. The question is: how long will it take hackers to tell chatbots to write code in a "dirty and human" way?
#AI #cyberbezpieczeństwo #Google #hakerzy #iMagazineSecurity #Mandiant #technologia #zeroDay
-
OH: if you need holes, take one from here
*gestures at wall*
-
The first zero-day built with AI: Google foiled a mass attack using an LLM-generated exploit
Google Threat Intelligence Group has documented the first confirmed case of a zero-day developed with AI: a 2FA bypass in an open-source web administration tool, built by a criminal threat actor who was planning a mass event. The code betrayed its artificial origin through educational docstrings, a hallucinated CVSS score and LLM-style Pythonic code.
-
The day after tomorrow already!
We are opening the new rooms at #hacksaar
come by!
https://tickets.hacksaar.de/tks/zeroday/
The event is the Z'eroday, because we are opening the B'ug; the extension of our original H'eck.
(irl mutuals looking for places to sleep: notify me, i think we can orga sth)
-
Google researchers say they identified the first potentially AI-generated zero-day exploit used by cybercriminals.
The exploit reportedly bypassed 2FA via a semantic logic flaw in a web admin tool.
AI-driven offensive operations are evolving rapidly.
https://www.technadu.com/google-detects-first-potentially-ai-generated-zero-day-exploit/627772/
-
https://www.europesays.com/be-nl/60755/ Is a 'kill switch' in the Linux kernel a good idea? #BE #België #Belgium #CVE #kernelpatch #kwetsbaarheid #Linux #LinuxKernel #Science #ScienceAndTechnology #ScienceAndTechnology #Technologie #Technology #Wetenschap #WetenschapEnTechnologie #WetenschapTechnologie #ZeroDay
-
«Google: Cyberattack using an AI-discovered zero-day vulnerability averted:
For weeks there have been warnings that malicious cyber actors could soon find and exploit security vulnerabilities with the help of AI. Now that has allegedly happened.»
Interesting to be informed about this, and it was also to be expected, and yet this is also marketing by the corporation.
-
#Google’s Threat Intelligence Group thwarted a #hacker group’s attempt to use #AI models for a #massvulnerability exploitation operation. The hackers aimed to exploit a #zeroday vulnerability to bypass two-factor authentication, but Google’s proactive counter-discovery likely prevented its use. https://www.cnbc.com/2026/05/11/google-thwarts-effort-hacker-group-use-ai-mass-exploitation-event.html?eicker.news #tech #media #news
-
RT @glenngabe: "The tip of the iceberg": Google's TIG reports on the first known example of hackers using AI to discover and weaponize a zero-day vulnerability; TIG's chief analyst says: "This is the tip of the iceberg". "A criminal hacking group recently attempted to launch a far-reaching cyberattack that allegedly relied on artificial intelligence to detect a previously unknown software flaw, Google said in research published on Monday. The report underscores the potential threat that AI poses to digital security." https://www.nytimes.com/2026/05/11/us/politics/google-hackers-attack-ai.html
more at Arint.info
#AI #Cybersecurity #DigitalSecurity #Google #Hacking #ZeroDay #arint_info
-
New.
Cisco has tagged VisiData and GeoVision for zero-day reports https://talosintelligence.com/vulnerability_info @TalosSecurity #infosec #zeroday #vulnerability
-
💻 Google blocks the first zero-day created by an AI: an LLM-generated exploit hits an open-source web tool used worldwide.
https://gomoot.com/google-blocca-il-primo-zero-day-generato-da-un-llm/
-
Yep, that's a wrap-up and a nail in the coffin.
Mythos is just hype.
Their impact is real, but we can compare it with other models.
-
What a day! TWO pieces of mine on AI and IT security were published today. One with tips (which have really always applied) on personal protection https://www.zeit.de/digital/datenschutz/2026-05/cyberabwehr-ki-cyberangriffe-digitale-bedrohung-gxe?freebie=67550457 (freebie link)
and a current assessment of a Google marketing coup, in which they claim to have found an AI-developed zero-day in the wild.
I took a closer look and have to say: it wasn't quite like that. Strictly speaking: not at all https://www.zeit.de/digital/internet/2026-05/cyberangriffe-kuenstliche-intelligenz-google-cybersicherheit?freebie=40cc7634 (also a freebie)
#ai #cybersecurity #zeroday #google
-
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
Pulse ID: 6a01600647e7bc7fee6485d3
Pulse Link: https://otx.alienvault.com/pulse/6a01600647e7bc7fee6485d3
Pulse Author: Tr1sa111
Created: 2026-05-11 04:50:14
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #OTX #OpenThreatExchange #RemoteCodeExecution #ZeroDay #bot #Tr1sa111
-
And Pwn2Own ( @thezdi ) got Pwned by Distributed Denial of Zero Day Entries.
With this, Zero days are on the verge of change.
How?
Is this because of AI?
Idk
-
I Built an AI That Builds Zero Day Exploits
-
New #Linux 'Dirty Frag' Zero-Day Gives #Root On All Major Distros
#dirtyfrag #zeroday
-
Linux zero-day “Dirty Frag” lets local users gain root on major distros by chaining kernel page-cache flaws with no race condition required 🐧⚠️
Ubuntu, Fedora, RHEL and openSUSE remain unpatched, while temporary mitigations disable modules tied to IPsec VPN and AFS support 🔓
#TechNews #Linux #DirtyFrag #ZeroDay #CyberSecurity #Kernel #Ubuntu #Fedora #RHEL #OpenSUSE #Privacy #FOSS #Security #Infosec #OpenSource
-
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
A buffer overflow vulnerability in the User-ID Authentication Portal of PAN-OS software allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls. Limited exploitation has been observed starting April 9, 2026, by a likely state-sponsored threat cluster. Attackers successfully achieved remote code execution by injecting shellcode into nginx worker processes. Post-exploitation activities included deployment of EarthWorm and ReverseSocks5 tunneling tools, Active Directory enumeration using compromised firewall credentials, and systematic log destruction to evade detection. The attackers demonstrated operational discipline with intermittent interactive sessions over multiple weeks, using open-source tools instead of proprietary malware to minimize detection. The vulnerability poses elevated risk when the portal is exposed to untrusted networks or the public internet.
Pulse ID: 69fc45baaffc99649cda5385
Pulse Link: https://otx.alienvault.com/pulse/69fc45baaffc99649cda5385
Pulse Author: AlienVault
Created: 2026-05-07 07:56:42
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Malware #Nginx #Nim #OTX #OpenThreatExchange #RAT #RCE #RemoteCodeExecution #Rust #ShellCode #Vulnerability #Worm #ZeroDay #bot #socks5 #AlienVault
-
cPanel Bug Exploited in Wild as Zero-Day Before Patch Release
A cPanel bug, tracked as CVE-2026-41940, was exploited in the wild as a zero-day vulnerability before a patch was released, with attackers making execution attempts as early as February 23, 2026. The flaw forced vendors and hosting providers into emergency mitigation, with cPanel finally releasing a fix on April 28, 2026.
-
Lesli Linka Glatter Talks Decades-Spanning Career, Working With Anti-Trump Robert De Niro on ‘Zero Day’ – and Why Everyone Needs a Moose Head on the Table
#Variety #Global #MarketsFestivals #News #Canneseries #DonaldTrump #LesliLinkaGlatter #Netflix #RobertDeNiro #ZeroDay
-
A new #Episode of the #Zeroday #Podcast is #online: 0d132 – Der alternative Mail-Provider (Part 2)
Link to the episode: https://0x0d.de/2026/04/0d132-der-alternative-mail-provider-part-2/
In today's episode, Stefan presents the first of 4 alternative mail providers that he, as an alternative for his ak
@[email protected] (Stefan)
@zeroday (Sven)
#Datenschutz #EMail #gmail #Informationssicherheit #ITSecurity #ITSicherheit #privacy #Privatsphäre #Prtoton #Tuta
-
Unpatched SharePoint Servers Exposed to Ongoing Spoofing Attacks
Over 1,300 Microsoft SharePoint servers are still vulnerable to a spoofing attack, despite a security update being available since last week, leaving them exposed to ongoing exploitation by hackers. This comes after Microsoft warned that the CVE-2026-32201 vulnerability was exploited as a zero-day, and attackers are…
#Cve202632201 #MicrosoftSharepoint #SpoofingAttacks #ZeroDay #UnpatchedServers
-
Windows Defender as a battering ram: three 0-days in 13 days, and two of them still unpatched
Over two weeks in April 2026, a single anonymous researcher publicly released three working exploits against Microsoft Defender. All three allow an ordinary user without administrator rights to obtain SYSTEM. Two of them are still unpatched at the time this text was published, and Huntress is already catching them in real attacks. The most unpleasant part: in two cases the antivirus is used not as a target to bypass but as a delivery tool. Defender itself, with its SYSTEM privileges, writes the malicious file to C:\Windows\System32, because it was told to. Below: what exactly happened, why it works, and what to do about it if you have a fleet of Windows machines.
-
From the #BlueHammer author: new #Windows :windows: #Zeroday grants admin rights | Security https://www.heise.de/news/Vom-BlueHammer-Autor-Neuer-Windows-Zeroday-verschafft-Adminrechte-11260913.html #0day #RedSun #exploit #Microsoft #MicrosoftWindows :windows: