
Hosted by Johannes Ullrich · EN

Apple Patches Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything/32976
End-to-End Encrypted RCS Messages https://www.apple.com/newsroom/2026/05/end-to-end-encrypted-rcs-messaging-begins-rolling-out-today-in-beta/
Why we use CAPTCHAs https://isc.sans.edu/diary/Why%20we%20use%20CAPTCHAs/32974
Checkmarx Jenkins AST plugin compromise https://checkmarx.com/blog/ongoing-security-updates/

Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag https://isc.sans.edu/diary/Another%20Universal%20Linux%20Local%20Privilege%20Escalation%20%28LPE%29%20Vulnerability%3A%20Dirty%20Frag/32968
PAM Backdoors Steal Passwords https://flare.io/learn/resources/blog/pamdoora-new-linux-pam-based-backdoor-sale-dark-web
cPanel Updates https://support.cpanel.net/hc/en-us/sections/360007088193-Security
Let's Encrypt Briefly Halts Certificate Issuance https://letsencrypt.status.io

An Adaptive Cyber Analytics UI for Web Honeypot Logs https://isc.sans.edu/diary/An%20Adaptive%20Cyber%20Analytics%20UI%20for%20Web%20Honeypot%20Logs%20%5BGuest%20Diary%5D/32962
Ivanti May Patchday https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs
Redis Security advisory: [CVE-2026-23479] [CVE-2026-25243] [CVE-2026-25588] [CVE-2026-25589] [CVE-2026-23631] https://redis.io/blog/security-advisory-cve202623479-cve202625243-cve-2026-25588-cve202625589-cve-2026-23631/
@sans_edu research paper: Marcio Enriquez [link will be added once the paper has been published]

Technical issue with .de domains https://blog.denic.de/en/technical-issue-with-de-domains-resolved/
CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID Authentication Portal https://security.paloaltonetworks.com/CVE-2026-0300
Android Security Bulletin May 2026 CVE-2026-0073 https://source.android.com/docs/security/bulletin/2026/2026-05-01

Cleartext Passwords in MS Edge? In 2026? https://isc.sans.edu/diary/Cleartext%20Passwords%20in%20MS%20Edge%3F%20In%202026%3F/32954
SSL.com rotates its root certificate today https://isc.sans.edu/diary/SSL.com%20rotates%20their%20root%20certificate%20today/32956
DAEMON Tools Compromise https://securelist.com/tr/daemon-tools-backdoor/119654/

DShield Honeypot Update https://isc.sans.edu/diary/DShield%20Honeypot%20Update/32948
MOVEit Automation Critical Security Alert Bulletin April 2026 (CVE-2026-4670, CVE-2026-5174) https://community.progress.com/s/article/MOVEit-Automation-Critical-Security-Alert-Bulletin-April-2026-CVE-2026-4670-CVE-2026-5174
Apache httpd http2 vulnerability https://seclists.org/oss-sec/2026/q2/387

Malicious Ad for Homebrew Leads to MacSync Stealer https://isc.sans.edu/diary/Malicious%20Ad%20for%20Homebrew%20Leads%20to%20MacSync%20Stealer/32942
Wireshark Update https://www.wireshark.org/docs/relnotes/wireshark-4.6.5.html
DigiCert Microsoft Defender False Positive https://www.reddit.com/r/cybersecurity/comments/1t2hfsh/mde_flagging_digi_cert_certificate_as_malicious/ https://bugzilla.mozilla.org/show_bug.cgi?id=2033170
cPanel Exploited https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026

Danger of Libredtail https://isc.sans.edu/diary/Danger%20of%20Libredtail%20%5BGuest%20Diary%5D/32936
FreeBSD dhclient vulnerability https://www.freebsd.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc
Linux Copy-Fail Vulnerability CVE-2026-31431 https://copy.fail
Bryan Nice Research Paper https://www.linkedin.com/in/bryannice/ https://www.sans.edu/cyber-research/detecting-ai-pickling

Today's Odd Web Requests https://isc.sans.edu/diary/Today%27s%20Odd%20Web%20Requests/32934
Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202 https://www.akamai.com/blog/security-research/2026/apr/incomplete-patch-apt28s-zero-day-cve-2026-32202
Assess Secure Boot status with Microsoft Defender https://techcommunity.microsoft.com/blog/MicrosoftDefenderATPBlog/assess-secure-boot-status-with-microsoft-defender/4510356
Deprecating Legacy TLS and Endpoints for POP and IMAP in Exchange Online https://techcommunity.microsoft.com/blog/exchange/deprecating-legacy-tls-and-endpoints-for-pop-and-imap-in-exchange-online/4515201
SAP Related npm Packages Compromised https://www.stepsecurity.io/blog/a-mini-shai-hulud-has-appeared

HTTP Requests with X-Vercel-Set-Bypass-Cookie Header https://isc.sans.edu/diary/HTTP%20Requests%20with%20X-Vercel-Set-Bypass-Cookie%20Header/32930
GitHub Vulnerability CVE-2026-3854 https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Microsoft RDP Notification Bug https://support.microsoft.com/en-us/topic/april-14-2026-kb5083768-os-build-28000-1836-839e4a25-d979-4158-b70c-182333045883