Windows Defender Patch Leads to Disk Exhaustion Vulnerability
A zero-day patch for Windows Defender released by Microsoft has introduced a new issue, potentially allowing attackers to fill hard drives.
A zero-day patch for Windows Defender released by Microsoft has introduced a new issue, potentially allowing attackers to fill hard drives.
AMDGPU driver maintainer Alex Deucher submits 30 patches to replace BUG() macros, which cause kernel panics, with warnings or errors, enhancing stability and security.
The FBI used Windows' GDID (Global Device Identifier) to identify a suspect from the Scattered Spider group, spotlighting the role of OS telemetry data in criminal investigations.
Following its deprecation in Linux 7.2, the AF_ALG interface in the Linux kernel will see stricter restrictions in version 7.3 with a new `af_alg_restrict` sysctl parameter, featuring three levels of control to mitigate security risks.
A critical use-after-free vulnerability caused by a race condition has been discovered in the Linux kernel's epoll subsystem. While Anthropic's AI "Mythos" identified a separate bug in the same code area, it failed to detect this vulnerability.
Fedora Linux 45 is considering enabling hardware-enforced Shadow Stack protection by default, a feature of Intel CET to counter ROP attacks.
Jamf researchers uncover PamStealer, a sophisticated macOS malware featuring PAM-based password verification, AppleScript execution, and Rust-based payloads.
An anonymous researcher, "bikini," has released exploit codes for zero-day vulnerabilities in 15 software products without prior notice. Two vulnerabilities, in libssh2 and Gitea, have already been exploited in attacks.
The autonomous AI penetration testing tool "Strix" has been unveiled, featuring dynamic code execution for provable vulnerability detection and CI/CD integration, gaining attention as an alternative to manual penetration testing.
Theft and fraud targeting mailed checks are on the rise in the U.S., with "check washing" and mailbox "fishing" becoming widespread. Experts warn that mailing checks should be entirely avoided.
The Linux Foundation, in collaboration with Amazon, Anthropic, OpenAI, NVIDIA, Microsoft, and others, has launched "Akrites." The initiative aims to protect critical open-source software (OSS) by addressing the rapid increase in vulnerabilities discovered by AI/LLMs, establishing a coordinated disclosure process and a dedicated security incident response team.
AWS announces "AWS Continuum," a new service that prioritizes vulnerabilities by considering code scans, infrastructure configurations, access controls, network topology, and business priorities. Designed to avoid reliance on specific AI models.
Microsoft has acknowledged the Defender vulnerability CVE-2026-50656, exploiting a race condition to gain System privileges. CVSS 7.8, PoC released. No patch provided yet.
Honda Civic's Android software packages signed with AOSP test keys allow arbitrary code execution via USB physical access, making it a target for Evil Maid attacks.
A second wave of malware attacks has been confirmed in the Arch Linux AUR. The first wave infected over 1,500 packages. The second wave uses code obfuscation to evade detection, employing more advanced techniques.
Apple's security team rewrote the TrueType font hinting interpreter from C to Swift, achieving an average 13% performance improvement and releasing the source code.
EFF kicks off Season 2 of its digital rights Q&A for the LGBTQ+ community for Pride Month, offering practical advice on online privacy—from choosing photos on dating apps to staying safe during protests.
A critical vulnerability found in "Cannabis Club Systems," software for Spanish cannabis clubs, leaves nearly 1 million photo IDs unprotected on a public URL with no password.