惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Full Disclosure
Recorded Future
Recorded Future
T
Tenable Blog
S
Securelist
C
CERT Recently Published Vulnerability Notes
T
Threatpost
S
Schneier on Security
A
Arctic Wolf
The Hacker News
The Hacker News
C
CXSECURITY Database RSS Feed - CXSecurity.com
Know Your Adversary
Know Your Adversary
P
Privacy International News Feed
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
The Register - Security
The Register - Security
Cisco Talos Blog
Cisco Talos Blog
AWS News Blog
AWS News Blog
K
Kaspersky official blog
T
True Tiger Recordings
T
Threat Research - Cisco Blogs
V
Vulnerabilities – Threatpost
P
Palo Alto Networks Blog
T
The Exploit Database - CXSecurity.com
小众软件
小众软件
B
Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Microsoft Azure Blog
Microsoft Azure Blog
Cyberwarzone
Cyberwarzone
C
Cybersecurity and Infrastructure Security Agency CISA
T
Tor Project blog
Spread Privacy
Spread Privacy
Malwarebytes
Malwarebytes
P
Proofpoint News Feed
F
Fox-IT International blog
F
Fortinet All Blogs
P
Privacy & Cybersecurity Law Blog
G
GRAHAM CLULEY
量子位
Latest news
Latest news
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 叶小钗
Project Zero
Project Zero
T
Tailwind CSS Blog
N
Netflix TechBlog - Medium
Martin Fowler
Martin Fowler
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
I
Intezer
博客园_首页
腾讯CDC
H
Hackread – Cybersecurity News, Data Breaches, AI and More
D
Darknet – Hacking Tools, Hacker News & Cyber Security

Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises | CSO Online

Microsoft previews automatic device isolation in Defender for Endpoint GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos TrapDoor malware campaign puts developer workstations in CISO spotlight Stop treating AI governance as a review layer. Make it release infrastructure Vulnerabilities have become cyber attackers’ No. 1 door to the enterprise Security experts caution MFA alone can no longer stop threat actors Project Glasswing has uncovered 10,000 vulnerabilities: Anthropic AI security needs a shift from models to systems, researchers argue As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free To pay, or not to pay: 58% of CISOs say they would pay the ransom for their data Google leaks details for Chromium bug that can turn browsers into bots FBI warns of Kali Oauth stealers Police take down VPN service (this time with a good reason) Microsoft says it's making AI 'safe for work' in your browser Why your AI strategy stops where the PLC starts: Hard lessons from the OT frontlines Identity as the primary attack surface: What modern breaches are really exploiting Google folds CodeMender into agent ecosystem amid push for AI-led AppSec Critical vulnerability in Cisco Secure Workload rated at maximum severity Unpatched ChromaDB flaw leaves servers open to remote code execution Microsoft releases open-source tools to operationalize AI agent safety AI becoming an SOC imperative for curtailing emerging cyber threats Microsoft is working on a patch for 'YellowKey' attack on Bitlocker, offers temporary fix Drupal admins rushing to patch maximum severity SQL injection vulnerability GitHub admits major source code leak after 3,800 internal repositories breached SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain Why some security fixes never reach your vulnerability dashboard Microsoft disrupts malware code-signing service used by ransomware gangs Contractor’s public GitHub account exposed GovCloud and CISA credentials AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks GitHub scales back bug bounties, reminds users security is their responsibility too Internet Explorer may be dead, but its ghost still runs malware 7 tips for accelerating cyber incident recovery SIEM-Kaufratgeber Schwachstellen managen: Die besten Vulnerability-Management-Tools Security-Infotainment: Die besten Hacker-Dokus Microsoft May security patch fails for some due to boot partition size glitch AI cyberattackers are getting better faster New image-based prompt injection attack targets multimodal AI models ‘Patched’ Windows bug resurfaces 6 years later as working SYSTEM-level exploit AI coding is fueling a secrets-sprawl crisis few CISOs are containing Why the best security investment a board can make in 2026 isn’t another tool Expired domain leads to supply chain attack on node-ipc npm package Exchange Server zero-day vulnerability can be triggered by opening a malicious email Cisco warns of an actively exploited SD-WAN flaw with max severity Autonomous systems are finally working. Security is next EU’s Cyber Resiliency Act will put IT leaders to the test The economics of ransomware 3.0 AI agent finds 18-year-old remote code execution flaw in Nginx Meet Fragnesia, the third Linux kernel vulnerability in a month FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses PraisonAI vulnerability gets scanned within 4 hours of disclosure What CISOs need to land a board role Fired employee sought AI help to hide deletion of hosting firm’s customer data Fortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandbox What happens when China’s AI catches up to Mythos? Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs Palo Alto bets on identity security for autonomous AI with Idira launch ClickFix finds a backup plan in PySoxy proxy chains CISA’s AI SBOM guidance pushes software supply-chain oversight into new territory 2026 CSO Award winners showcase business-enabling cyber innovation Google entdeckt erstmals KI-basierten Zero-Day-Exploit Der Kaufratgeber für Breach & Attack Simulation Tools May Patch Tuesday roundup: Critical holes in Windows Netlogon, DNS, and SAP S/4HANA Mistral AI SDK, TanStack Router hit in npm software supply chain attack OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos Fake Claude Code takes the IElevator to your browser secrets cPanel flaw exposes enterprises to hosting supply-chain risks Developer workstations are the new beachhead CISOs step into the AI spotlight Why patching SLAs should be the floor, not the strategy Cybersicherheitsvorschriften: So erfüllen Sie Ihre Compliance-Anforderungen Customer Identity & Access Management: Die besten CIAM-Tools Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched Entries now open for the 2026 CSO30 Australia Awards Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program Google discovers weaponized zero-day exploits created with AI Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads New ‘Dirty Frag’ exploit targets Linux kernel for root access AI security is repeating endpoint security's biggest mistake 8 guiding principles for reskilling the SOC for agentic AI 1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution Five new holes, one exploited, found in Ivanti Endpoint Manager Mobile Claude in Chrome is taking orders from the wrong extensions Your CTEM program is probably ignoring MCP. Here’s how to fix it Pen tests show AI security flaws far more severe than legacy software bugs Your refresh plan has a CVE blind spot Become a millionaire by bug hunting on Android 13 new critical holes in JavaScript sandbox allow execution of arbitrary code Ollama vulnerability highlights danger of AI frameworks with unrestricted access LinkedIn illegally blocking free accounts from seeing 'who's viewed your profile' data, group alleges Bots in translation: Can AI really fix SIEM rule sprawl across vendors? Critical Palo Alto Networks software bug hits exposed firewalls CISOs: Align cyber risk communication with boardroom psychology Ten years later, has the GDPR fulfilled its purpose? US government agency to safety test frontier AI models before release Iranian state-backed spies pose as ransomware slingers in false flag attacks New malware turns Linux systems into P2P attack networks Poisoned truth: The quiet security threat inside enterprise AI Train like you fight: Why cyber operations teams need no-notice drills Die besten DAST- & SAST-Tools
Microsoft patches two zero-day flaws in Defender
2026-05-22 · via Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises | CSO Online

Microsoft released emergency fixes for two zero-day vulnerabilities in the malware protection components of Microsoft Defender. The flaws allow local attackers to gain system-level privileges or cause the anti-malware service to stop working correctly.

Both conditions are valuable in a malware attack, first to prevent detection if the system relies only on Microsoft endpoint protection and second to gain full control over the system.

On Wednesday, the United States Cybersecurity and Infrastructure Security Agency (CISA), added the two vulnerabilities, tracked as CVE-2026-41091 and CVE-2026-45498, to its Known Exploited Vulnerabilities (KEV) catalog, signaling that exploitation was detected in the wild.

Security experts report that the two flaws are behind the RedSun and UnDefend exploits published last month on GitHub by a disgruntled researcher who calls themselves Nightmare Eclipse. While plausible, Microsoft has not mentioned those exploit names in its advisories for these two vulnerabilities.

The privilege escalation flaw, CVE-2026-41091, is located in mpengine.dll, the Microsoft Malware Protection Engine (MPE) component that handles file scanning, malware detection, and cleaning in several Microsoft anti-malware products: Microsoft Defender, Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft System Center 2012 Endpoint Protection, and Microsoft Security Essentials.

The vulnerability is described as an improper link resolution before file access issue. In other words, it’s related to a link- or shortcut-following routine that has unintended consequences. The flaw is rated with a CVSS score of 7.8, meaning high severity.

The other vulnerability, CVE-2026-45498, is in the Microsoft Defender Antimalware Platform (MsMpEng.exe), which along with a series of kernel-mode drivers, is responsible for real-time monitoring and protection. As with MPE, this component is used by Microsoft’s other endpoint protection products.

Although Microsoft issues updates for malware definitions three times per day, platform components such as mpengine.dll and MsMpEng.exe are updated only once per month or as needed.

Customers are advised to manually trigger a check for updates in their respective product and check that they are running version 1.1.26040.8 or newer of the Malware Protection Engine and version 4.18.26040.7 or newer of the Microsoft Defender Antimalware Platform. The Malware Protection Engine update also fixes a remote code execution vulnerability tracked as CVE-2026-45584, but this flaw has not been publicly disclosed or exploited.

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。