A roundup of 54 items curated from across the security community.
News
VulnCheck sees CVE-2026-40466 burning in active campaigns: authenticated RCE in ActiveMQ via the vm:// protocol, a bypass of the original CVE-2026-34197 fix. 2,700+ exposed instances on Shodan.
Ivan Kwiatkowski’s deep-dive cuts through weeks of hot takes about Anthropic’s Mythos: what the actual capability claims are, what they mean for the bug-finding economy, and what the rollout did to industry trust.
Calif and Mathieu Tarral pocketed two Chrome bugs and $57,000 from Google’s VRP using a $20-per-month AI subscription as the harness. Full methodology coming at the Stanford Real World AI Security Conference.
Thirteen attacker accounts pushed 575+ trojanized skills onto Hugging Face and ClawHub. Payloads hit both Windows and macOS via hidden commands and indirect prompt injection.
Two critical bugs in a popular Solana router let an attacker drain every token account it owns. Full writeup at atlas-it.consulting.
Dark Tangent on the CA/B Forum schedule that takes TLS cert validity from 350 days down to 47, plus the deprecation of DANE that left the gap in the first place.
Counterfeit OpenAI repo on Hugging Face served an infostealer to anyone who pip-installed it. Useful reminder that model hubs are a supply-chain surface now.
More this week (11)
- Trenchant exec ordered to pay $10M for selling zero-days to Russia.
- CVE-2026-42511: 21-year-old FreeBSD RCE.
- MOVEit Automation: critical auth bypass and priv-esc CVEs by Vincent Yiu.
- Ivanti EPMM zero-day exploited in the wild by BleepingComputer.
- US military data left exposed despite CISA notification by Nicolas Krassas.
- TCLBANKER trojan spreads via WhatsApp and Outlook by Nicolas Krassas.
- Fake call-history apps drained payments from 7.3M Play Store users by Nicolas Krassas.
- NVIDIA confirms GeForce NOW breach hitting Armenian users by Nicolas Krassas.
- Concerning features in the official White House app by Nicolas Krassas.
- Skoda discloses customer-shop security incident by Nicolas Krassas.
- MSRC raises Windows Insider Preview bounty by k0shl.
Techniques and Write-ups
Synacktiv’s yaumn_ closes out his Windows auth-reflection series with a new Kerberos coercion technique that remotely compromises Windows systems even with the post-PetitPotam mitigations on. Bonus payload at the end.
Walkthrough on putting Caddy in front of Evilginx as a malleable redirector, with kCaddy automating the wiring. M365 and Google Workspace impersonation flows covered.
Patrick Wardle uploads two fresh Mosyle-discovered macOS samples to the public Objective-See repo: ShadeStager (stealer) and Phoenix (first-stage persistent backdoor). Password infect3d.
beelzebub.ai reverses the Needle crypto-stealer, finds a plaintext API key inside the Rust binary, and walks back into the operator’s panel to enumerate 1,932 victims and the withdrawal config.
Infisical lays out a practical honey-token program: how to seed, deploy, and alert on bait credentials so the first sign of compromise is the attacker tripping a wire.
Mindgard demonstrates that one-time trust grants in Claude Code, Codex, and Gemini CLI become permanent attack surface. Sticky approvals turn into long-lived backdoors.
CVE-2026-7270, FreeBSD root via a shell script. Calif’s writeup of a setuid-program flaw exploitable without compiling a thing. “My human authorized this post” footer included.
R136a1 on why blockbuster Windows malware deep-dives have all but vanished. Threat-economics, tooling, and where the analyst pipeline broke.
Pushing LLMs past their confident zone to surface remote kernel OOB writes the static fuzzers kept missing. Worked example with code and harnesses.
SpecterOps’ three-part deep dive on attacking Entra Connect from sync account to global compromise. Required reading if you operate against hybrid AD.
insinuator plants attacker-controlled biometric templates into Windows Hello for Business and walks back out the front door as the victim.
Four more entries in cocomelonc’s long-running persistence catalog: Edge profiles, scheduled tasks, CertPropSvc registry hijack, and Windows Terminal profiles.
More this week (18)
- Silencing ETW Threat Intelligence via BYOVD by Panos Gkatziroulis.
- Cross-Session Activation: CLSIDs for lateral movement by Panos Gkatziroulis.
- Silencing EDR network telemetry via WFP callout patching by Panos Gkatziroulis.
- CVE-2026-6307: Turbofan JS-to-Wasm deopt type confusion by kmkz.
- LLVM-based devirtualizer beats a VM-protected crackme by Max.
- Wi-Fi pentesting in 2026: WPA3 bypasses and RBCD across forests by Max.
- Autonomous vulnerability research with Claude Code and MCP by Max.
- New Odyssey macOS stealer hides in PLIST files by Patrick Wardle.
- 3Crypt: a macOS RAT zero AV vendors caught by Patrick Wardle.
- BitLocker bypass in 5 minutes via CVE-2025-48804 downgrade.
- Adobe Reader prototype pollution chained to arbitrary file read by ϻг_ϻε.
- MiniRAT: Go macOS RAT delivered via compromised npm package by Csaba Fitzl.
- Memory poisoning AI agents via ChromaDB.
- Seclens: role-specific LLM eval for vuln detection.
- Securing CI/CD: lessons from Cilium.
- Skip the LSASS theatre: walk the $MFT instead by sailay(valen).
- Walking through Windows minifilter drivers by DirectoryRanger.
- Commonly abused administrative utilities by DirectoryRanger.
Tools and Exploits
A new lateral movement primitive that pivots through BitLocker’s DCOM service via COM hijacking. PoC drops from rtecCyberSec.