Crow's Nest - 2026-05-28

A roundup of 82 items curated from across the security community.

News

• Active exploitation of a Cisco Catalyst SD-WAN auth bypass (CVE-2026-20182) by Cisco Talos.

Talos is tracking in-the-wild exploitation of CVE-2026-20182, an authentication bypass in Cisco Catalyst SD-WAN Manager and Controller.

• Pwn2Own Berlin 2026: DEVCORE takes Master of Pwn by Dustin Childs.

DEVCORE took Master of Pwn at Pwn2Own Berlin 2026, capping an event that paid $1,298,250 for 47 zero-days. Orange Tsai chained three bugs to RCE as SYSTEM on Exchange for $200,000.

• ShinyHunters leaks 9.4GB of 7-Eleven franchisee data.

ShinyHunters dumped a 9.4GB database from 7-Eleven franchisee systems after the company refused to pay, exposing over 185,000 accounts.

• CISA contractor leaked GovCloud keys and passwords on GitHub.

A CISA contractor published GovCloud access keys, plaintext passwords, and SSH keys to a public GitHub repo. Senator Hassan is now pressing CISA and DHS for answers. Also: lawmakers demand answers.

• Iranian-aligned group used Stryker’s own Intune to wipe 200,000 devices by The Haag™.

No malware, just a legitimate admin tool: attackers issued remote wipe commands through Stryker’s Microsoft Intune, clearing 200,000 devices across 79 countries. Confirmed in an SEC filing.

• Composer supply-chain attack compromises laravel-lang packages by Giuseppe N3mes1s.

Multiple laravel-lang Packagist packages were backdoored with autoload-time payloads across 50-plus versions. Pin to a known-good commit and rotate secrets. Also: bumblebee exposure scanner, npm staged publishing.

Techniques and Write-ups

• YellowKey zero-day defeats default Windows 11 BitLocker by Bruce Schneier.

A reliable exploit bypasses BitLocker on default Windows 11 deployments. It needs physical access, but undermines the at-rest protection many orgs assume.

• RCE in the Strix AI agent sandbox via prompt injection.

Prompt-injection chain that turns the Strix AI pentest agent’s sandbox into reliable remote code execution. A concrete walk-through from injection to impact.

• Analyzing the Taiwan High-Speed Rail TETRA incident (part 1).

Midnight Blue dissects a cyber incident on Taiwan’s high-speed rail, including the TETRA radio angle. Part one of the analysis.

• CVE-2026-0265: Palo Alto PAN-OS GlobalProtect auth bypass by LiveOverflow.

An authentication bypass in PAN-OS GlobalProtect CAS auth lets an attacker connect to a target’s VPN. Hacktron breaks down the bug.

• Project Zero: a 0-click exploit chain for the Pixel 10 by Project Zero Bugs.

Project Zero details “When a Door Closes, a Window Opens,” a zero-click exploit chain against the Pixel 10.

• Detecting Tycoon2FA AITM across Entra ID and Google Workspace by Samir.

Telemetry fingerprints and ready-to-ship detection rules for Tycoon2FA adversary-in-the-middle attacks across Entra ID and Google Workspace.

• Vaultjacking: one PIN dumps the whole Google Password Manager vault.

A phishing technique that turns a single captured PIN into the victim’s entire Google Password Manager vault.

• CVE-2026-40369: a 12-byte kernel increment to LPE and sandbox escape by SinSinology.

VoidSec turns a 12-byte kernel increment into both a local privilege escalation and a browser sandbox escape, with full exploitation strategy.

• NSA security guidance for MCP-based AI automation by K̵i̵r̵k̵ ̵T̵r̵y̵c̵h̵e̵l̵.

The NSA publishes security design considerations for AI agent workflows built on MCP, covering the risks of wiring diverse capabilities into one agent.

• Tenant enumeration is dead by Sprocket Security.

Microsoft closed the unauthenticated ACS metadata endpoint that dumped every domain in a tenant in one GET. Recon now means stitching together DKIM CNAME lookups, MX brute-forcing, and authenticated Graph queries.

• A QEMU 0-day, after DEF CON patched the n-day by Alex Plaskett.

After DEF CON patched their QEMU n-day, kqx goes hunting and turns up a fresh 0-day in the same hypervisor.

• An OS built to reverse-engineer CPUs, used on Apple Silicon by Alex Plaskett.

MIT researchers built an operating system for reverse engineering CPUs and used it to probe Apple Silicon branch predictors, uncovering Phantom fetches.

• Kazuar: anatomy of a nation-state botnet by bohops.

Microsoft dissects Kazuar, the nation-state botnet, breaking down how it is built and operated.

Tools and Exploits

• Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake by David J. Bianco.

Talos open-sources a generator for realistic, multi-format security log datasets, so teams can train analysts and validate detections without hand-built simulations.

• TailscaleHound: mapping Tailscale attack paths in BloodHound by Andrew Gomez.

A BloodHound OpenGraph collector that maps Tailscale users, devices, ACLs, routes, and keys so you can answer who can reach what.

• TREVORspray adds DKIM-based tenant enumeration.

TREVORspray adapts to the post-ACS world: it now pulls M365 tenant names from DKIM selector CNAMEs during recon, and adds a –user-enum flag for scripted spraying.