Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its followers in interesting projects.

Categories

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

The Hacker News - 15 May, 2026 - 08:19
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the issue. "
Ravie Lakshmanan
Category: Hacking & Security

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

The Hacker News - 15 May, 2026 - 07:28
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026. The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It's
Ravie Lakshmanan
Category: Hacking & Security

TeamPCP hackers advertise Mistral AI code repos for sale

Bleeping Computer - 15 May, 2026 - 00:50
The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. [...]
Category: Hacking & Security

Linux Security Monitoring Challenges and EDR Visibility Gaps

LinuxSecurity.com - 15 May, 2026 - 00:00
An attacker compromises a Linux container, launches a cryptominer, sets up a way to stay in the system through a background task, and disappears before the investigation even begins. By the time analysts start looking at the logs, the workload has shut down, and the container no longer exists.
Category: Hacking & Security

Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin

Bleeping Computer - 14 May, 2026 - 23:07
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [...]
Category: Hacking & Security

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

Bleeping Computer - 14 May, 2026 - 22:09
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices. [...]
Category: Hacking & Security

OpenAI confirms security breach in TanStack supply chain attack

Bleeping Computer - 14 May, 2026 - 21:07
OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. [...]
Category: Hacking & Security

Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026

Bleeping Computer - 14 May, 2026 - 20:53
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. [...]
Category: Hacking & Security

Zero-day exploit completely defeats default Windows 11 BitLocker protections

Ars Technica - 14 May, 2026 - 20:32

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to an encrypted drive within seconds.

The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments.

When one disk volume manipulates another

The core of the YellowKey exploit is a custom-made FsTx folder. Online documentation of this folder is hard to find. As explained later, the directory associated with the file fstx.dll appears to involve what Microsoft calls the transactional NTFS, which allows developers to have “transactional atomicity” for file operations in transactions with a single file, multiple files, or ones that span multiple sources.

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

The Hacker News - 14 May, 2026 - 19:45
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. "A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly
Ravie Lakshmanan
Category: Hacking & Security

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

The Hacker News - 14 May, 2026 - 19:22
Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious - [email protected] [email protected] [email protected] "Early analysis indicates that [email protected], [email protected], and [email protected]
Ravie Lakshmanan
Category: Hacking & Security

Linux Kernel Fragnesia Critical Privilege Escalation CVE-2026-46300

LinuxSecurity.com - 14 May, 2026 - 18:49
Linux administrators are once again dealing with a familiar problem: a local Linux foothold that can potentially become full root access.
Category: Hacking & Security

Cisco announces record revenue and 4,000 layoffs in the same day

Ars Technica - 14 May, 2026 - 18:47

Following a quarter in which his company delivered record revenue, Cisco CEO Chuck Robbins announced that the company's latest round of layoffs begins today.

In a blog post yesterday, Robbins was quick to boast that Cisco’s fiscal Q3 2026 earnings saw revenue increase 12 percent year-over-year to $15.8 billion. He told employees that he and the rest of Cisco’s executive leadership team “could not be prouder of the growth you have all delivered for Cisco.”

But that pride could apparently not save the company’s successful employees from unemployment.

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

The Hacker News - 14 May, 2026 - 18:07
Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years ago. The mess keeps getting louder: users get tricked, boxes get popped, tools meant for normal work
Ravie Lakshmanan
Category: Hacking & Security

Apple’s App Store model for AI

Computerworld.com [Hacking News] - 14 May, 2026 - 18:05

Apple has a design for AI life. It hopes to build on the outstanding hardware performance its systems already provide to create a fantastic environment in which AI developers can thrive. If this plan sounds familiar it’s because it’s all about the App Store, and while it’s easy to expect Apple’s revenue share to change, the plan still makes the company the custodian of the AI age.

The way it should work is that app developers see that one way to bring their AI services to billions of iPhone, iPad, and Mac users is to make AI agents available via Apple’s own portals. These will likely be via App Intents, enabling Siri to execute actions inside their apps without actively opening them.

The Information reports some developers are resistant to joining the initiative, in part because they want to avoid paying any fees. All the same, consider the moment, consider the meaning, and I think the significance is that Apple has at last got its act together with AI.

Ecosystem, services, store

Apple is going to bet that the advantages its existing store provides will give customers the faith and trust to access AI apps there rather than somewhere else. The company hasn’t announced its plan yet, though there have been hints. Just look at how Apple is laying things out with these moves (both announced and speculated about). It’s:

  • Working with Google to build out Apple Intelligence.
  • Working with third parties to support AI services as apps with which to replace or supplement Siri.
  • Maintaining investment in better hardware to run AI — you can quite happily run some models natively on an iPad. 
  • Equipping systems with powerful tools such as Unified Memory and the Neural Engine.
  • Rolling out Apple Private Cloud Computer to provide an infrastructure to support private AI in the cloud.
  • Pulling these elements together to form an ecosystem.

Like a jigsaw, the pieces fit together to provide a fantastic base from which Apple can distribute increasingly powerful AI APIs developers can use to create amazing AI experiences. I spoke with the smart people at the OmniGroup just last year who explained how they already use Apple Intelligence APIs (aka Foundation Models) to add powerful AI features to apps.

That was just the first lap; the second comes at WWDC 2026; and the third and subsequent races take place over the next 12 to 24 months as Apple implements the elements it’s put in place across its ecosystem. 

Making money, one token at a time

The prize? For Apple, it’s about maintaining its own relevance within the AI age while carving out some way to generate revenue as its hardware ecosystem runs AI agents and services. The company will continue to develop and build out Apple Intelligence as a peer player in the competitive AI market. But, as most now agree, it is also focused on ensuring its platforms are the best systems on which to run AI.

Apple’s attempt to build a profitable, secure, and capable way to run AI — supported by customer-focused security and privacy standards — seems like an answer to some of the emerging challenges around AI deployment. Speak to almost anyone in IT right now and you’ll come across stories of corporate data leaks that may fall foul of data regulation. That’s before you even consider the manner in which AI ownership consolidates power over the intellectual future of humanity into such a small number of hands it almost makes media ownership seem democratic.

Getting the band together

With so much at stake, not just for Apple, it feels as if the company has found some of the answers that could enable a less frightening AI future. It has a chance to own the hardware ecosystem while curating the AI services environment for the benefit of its customers — and producing its own trusted systems for casual AI usage.

We’ll find out more in a few weeks.

Category: Hacking & Security