CVE-2026-45585: Windows Zero-Day Bypasses BitLocker
May 20, 2026
Microsoft disclosed CVE-2026-45585, a Windows zero-day that allows attackers with physical access to bypass BitLocker encryption without the decryption key.
Endpoint Security
CVE-2026-45585: Windows Zero-Day Bypasses BitLocker
Microsoft disclosed CVE-2026-45585, a Windows zero-day that allows attackers with physical access to bypass BitLocker encryption without the decryption key.
Trapdoor Android Ad Fraud Scheme Generated 659M Fake Bids
HUMAN's Satori team disclosed Trapdoor, 455 malicious Android apps generating 659 million fake ad bids daily, with more than 24 million total downloads.
KongTuke IAB Uses Microsoft Teams to Deploy ModeloRAT in 5 Minutes
ReliaQuest found KongTuke impersonating IT help desk staff via Microsoft Teams to trick employees into running PowerShell, deploying ModeloRAT and selling access to ransomware groups.
node-ipc npm Package Hid Credential Stealer Across Three Versions
Socket and StepSecurity found stealer backdoors in three node-ipc npm versions targeting 90 cloud and developer credential categories via an unknown new publisher account.
MiniPlasma Windows Exploit Grants SYSTEM Access with No Patch
A researcher released a working MiniPlasma PoC granting SYSTEM access on fully patched Windows using an unpatched vulnerability first identified in 2020.
Leaked Shai-Hulud Code Fuels npm Infostealer Wave Targeting Devs
Shai-Hulud malware source code fueled a wave of poisoned npm packages in the @antv ecosystem, including echarts-for-react with 1.1 million weekly downloads.
Pwn2Own Berlin 2026 Closes with $1.3M in Zero-Day Prizes
Pwn2Own Berlin 2026 concluded with $1.3 million in prizes, including the first successful exploits of AI agent platforms in the competition's history.
FamousSparrow APT Hit Azerbaijani Energy Firm in Three Waves
Bitdefender researchers documented three consecutive FamousSparrow intrusions against an Azerbaijani oil and gas firm between December 2025 and February 2026.
MuddyWater Targeted South Korean Electronics Maker via DLL Sideloading
Iran-linked MuddyWater targeted nine organizations globally in 2026, including a South Korean electronics firm, using legitimate vendor DLLs for sideloading.
Linux Kernel Fragnesia CVE-2026-46300 Grants Root via Page Cache
CVE-2026-46300 Fragnesia is a third Linux kernel LPE enabling root access via page cache corruption with no race condition required. Patches available.
Trapdoor Android Ad Fraud Scheme Generated 659M Fake Bids
May 20, 2026
HUMAN’s Satori team disclosed Trapdoor, 455 malicious Android apps generating 659 million fake ad bids daily, with more than 24
KongTuke IAB Uses Microsoft Teams to Deploy ModeloRAT in 5 Minutes
May 19, 2026
ReliaQuest found KongTuke impersonating IT help desk staff via Microsoft Teams to trick employees into running PowerShell, deploying ModeloRAT and
node-ipc npm Package Hid Credential Stealer Across Three Versions
May 19, 2026
Socket and StepSecurity found stealer backdoors in three node-ipc npm versions targeting 90 cloud and developer credential categories via an
MiniPlasma Windows Exploit Grants SYSTEM Access with No Patch
May 19, 2026
A researcher released a working MiniPlasma PoC granting SYSTEM access on fully patched Windows using an unpatched vulnerability first identified
Leaked Shai-Hulud Code Fuels npm Infostealer Wave Targeting Devs
May 19, 2026
Shai-Hulud malware source code fueled a wave of poisoned npm packages in the @antv ecosystem, including echarts-for-react with 1.1 million
Pwn2Own Berlin 2026 Closes with $1.3M in Zero-Day Prizes
May 19, 2026
Pwn2Own Berlin 2026 concluded with $1.3 million in prizes, including the first successful exploits of AI agent platforms in the
FamousSparrow APT Hit Azerbaijani Energy Firm in Three Waves
May 14, 2026
Bitdefender researchers documented three consecutive FamousSparrow intrusions against an Azerbaijani oil and gas firm between December 2025 and February 2026.
MuddyWater Targeted South Korean Electronics Maker via DLL Sideloading
May 14, 2026
Iran-linked MuddyWater targeted nine organizations globally in 2026, including a South Korean electronics firm, using legitimate vendor DLLs for sideloading.
Linux Kernel Fragnesia CVE-2026-46300 Grants Root via Page Cache
May 14, 2026
CVE-2026-46300 Fragnesia is a third Linux kernel LPE enabling root access via page cache corruption with no race condition required.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.