nerdDual

NerdDual Nav

Chatbox

You must be logged in to post comments on this site - please either log in from the Login box or from here.

dj617 7 months ago

@djames617 Welcome

Headlines

The Hacker News

»	Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intel...
»	Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to de...

Date published: Thu, 21 May 2026 05:47:31 +0530
Details

darkreading

»	Cyber Pros Can't Decide If AI Is a Good or a Bad Thing There is nothing cybersecurity professionals are more excited about, and nothing they fear more, than AI.
»	GitHub Confirms Breach, 4K Internal Repos Stolen Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor — TeamPCP — took cr...

Date published: not known

Schneier on Security

»	On AI Security
»	Laurie Anderson Is Quoting Me

Date published: not known
Details

Latest Newsroom

»	Windows Zero-Days Trilogy: Chaotic Eclipse’s Unpatched Assault Windows Zero-Days Trilogy: Chaotic Eclipse’s Unpatched Assault Background: Who Is Chaotic Eclipse?Securit...
»	ZKTeco-beveiligingscamera's via kritiek lek volledig over te nemen ZKTeco-beveiligingscamera's via kritiek lek volledig over te nemen Beveiligingscamera's van fabrikant ZKT...

Date published: Wed, 20 May 2026 16:39:38 +0000
Details

Cyber Security Advisories - MS-ISAC

»	Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firef...
»	Multiple Vulnerabilities in NGINX Could Allow for Remote Code Execution Multiple vulnerabilities have been discovered in NGINX, the most severe of which could allow for remote code execution. NGINX is a software used fo...

Date published: not known

Latest Vulnerabilities

»	CVE-2026-9149 - Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file CVE ID :CVE-2026-9149 Published : May 21, 2026, 12:16 a.m. \| 43 minutes ago Description :A flaw was found in libsolv. This heap buffer...
»	CVE-2026-40165 - authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation CVE ID :CVE-2026-40165 Published : May 21, 2026, 12:16 a.m. \| 44 minutes ago Description :authentik is an open-source identity provide...

Date published: Thu, 21 May 2026 00:16:35 +0000
Details

This web site requires that javascript be enabled. Click here for instructions..

Latest Newsroom

Windows Zero-Days Trilogy: Chaotic Eclipse’s Unpatched Assault
Windows Zero-Days Trilogy: Chaotic Eclipse’s Unpatched Assault

Background: Who Is Chaotic Eclipse?Security researcher Chaotic Eclipse, operating under the GitHub handle Nightmare-Eclipse, has published working exploit code for five separate Windows vulnerabilitie ...

Published Date: May 20, 2026 (8 hours, 55 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-33825 CVE-2020-17103
ZKTeco-beveiligingscamera's via kritiek lek volledig over te nemen
ZKTeco-beveiligingscamera's via kritiek lek volledig over te nemen

Beveiligingscamera's van fabrikant ZKTeco bevatten een kritieke kwetsbaarheid waardoor de apparaten op afstand door een aanvaller volledig zijn over te nemen. ZKTeco roept klanten op om de beschikbaar ...

Published Date: May 20, 2026 (10 hours, 45 minutes ago)

Vulnerabilities has been mentioned in this article.
FreePBX Vulnerability Allow Attackers to Gain Access to User Portals
FreePBX Vulnerability Allow Attackers to Gain Access to User Portals

A critical vulnerability in the open-source IP PBX platform FreePBX could allow unauthenticated attackers to access user portals. The issue, tracked as CVE-2026-46376, affects the User Control Panel ( ...

Published Date: May 20, 2026 (11 hours, 23 minutes ago)

Vulnerabilities has been mentioned in this article.
Critical ExifTool Vulnerability Allows Attackers to Compromise Macs via Single Malicious Image
Critical ExifTool Vulnerability Allows Attackers to Compromise Macs via Single Malicious Image

ExifTool, a ubiquitous open-source utility for reading and writing file metadata, is at the center of a severe security flaw affecting macOS environments. Discovered by Kaspersky’s Global Research and ...

Published Date: May 20, 2026 (11 hours, 29 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-3102
Microsoft Releases Mitigation for Windows BitLocker Security Bypass 0-Day Vulnerability
Microsoft Releases Mitigation for Windows BitLocker Security Bypass 0-Day Vulnerability

Microsoft has disclosed a critical zero-day vulnerability in Windows BitLocker, tracked as CVE-2026-45585, that allows threat actors with physical access to bypass full-disk encryption entirely, poten ...

Published Date: May 20, 2026 (16 hours, 9 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-45585
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585, carries a C ...

Published Date: May 20, 2026 (17 hours, 7 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-45585 CVE-2026-42897 CVE-2026-41940
Critical ChromaDB Flaw Exposes AI Vector Databases to Remote Code Execution
Critical ChromaDB Flaw Exposes AI Vector Databases to Remote Code Execution

The security issue tracked as CVE-2026-45829, often referred to in analysis as ChromaToast Served Pre-Auth, affects the open-source vector database ChromaDB. ChromaDB is widely used for semantic searc ...

Published Date: May 20, 2026 (17 hours, 9 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-45829 CVE-2026-42945 CVE-2026-0300
Microsoft waarschuwt voor YellowKey-lek dat BitLocker-encryptie omzeilt
Microsoft waarschuwt voor YellowKey-lek dat BitLocker-encryptie omzeilt

woensdag 20 mei 2026, 09:33 door Redactie, 2 reactiesLaatst bijgewerkt: Vandaag, 10:34 Microsoft waarschuwt voor een nieuwe kwetsbaarheid in Windows genaamd YellowKey waardoor de BitLocker-encryptie v ...

Published Date: May 20, 2026 (18 hours, 2 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-45585
PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability
PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability

A proof-of-concept (PoC) exploit has been publicly released for CVE-2026-2005, a critical remote code execution (RCE) vulnerability affecting PostgreSQL’s pgcrypto extension. The flaw, rooted in legac ...

Published Date: May 20, 2026 (21 hours, 9 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-2005
GitHub Source Code Breach – TeamPCP Claims Access to Internal Source Code
GitHub Source Code Breach – TeamPCP Claims Access to Internal Source Code

A notorious threat actor operating under the alias TeamPCP claims to have breached GitHub’s internal systems, allegedly exfiltrating proprietary organization data and source code. The attackers are of ...

Published Date: May 20, 2026 (22 hours, 55 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-33634