Trolling Microsoft With Vulnerabilities – PSW #930

Paul Asadoorian

1. Fwupd 2.1.5 Improves Firmware Updates on Dual-Boot Linux Systems

   You shouldn't dual boot, its a PITA. Also, updating your DB on the fly like this is interesting and also potentially dangerous...

2. How The 2020s Chip Crisis Led To A Buggy Saleae Analyzer In 2026
3. Microsoft Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges
4. Anthropic rolls out Claude Fable 5, but it’s available for a limited time

   Fable 5 stinks, too many guardrails and too many tokens. Try again Anthropic. As cybersecurity researchers guardrails just slow us down...

5. Release EMBA – v2.0.2 – Party the big 2k · e-m-b-a/emba

   I am interested in trying this, EMBA can now use local AI models...

6. UK weakens proposed telecoms defenses against Chinese hackers after industry pushback

   Dear telecoms, you should be wicked secure. Oh, that's too hard? Okay, nevermind...

7. EDRChoker: Choking The Telemetry Stream to Bypass Defenses

   Such a cool idea: "The post describes a new red‑team technique and tool, EDRChoker, that “chokes” EDR telemetry by abusing Windows policy‑based QoS to throttle EDR agent traffic to unusably low bandwidth instead of outright blocking it. EDRChoker targets the inherent dependency of cloud‑managed EDR agents on reliable client‑server connectivity: if you break that channel, you strip away most detection, response, and command‑and‑control capabilities while leaving the agent technically “running.” Instead of Windows Firewall/WFP rules, it uses Policy‑based QoS (pacer.sys) to cap outbound bandwidth for EDR processes to as low as 8 bits per second, which forces TLS handshakes and telemetry uploads to time out, effectively isolating the agent from its backend."

8. “AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

   Why wouldn't we have AI worms? I think we've already seen behavior similar to this.

9. U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog

   The Arista one is interesting:

   • Arista published the advisory with a CVE, but it took a while before it showed up in the CVE databases, which means if you were just looking at CVE data, you would not find this
   • Arista wrote in the original advisory that it was being exploited in the wild
   • It took some time, weeks, for it to show up on the CISA KEV (too slow)
   • There is a public PoC exploit: https://github.com/fevar54/CVE-2026-7473---Arista-EOS-Tunnel-Decapsulation-Bypass
   • Arista explicitly says “no software upgrade path is planned” and are only providing configuration-based mitigations (primarily ACLs around tunnel decap IPs) - which means your vuln scanner will most likely miss this as its not based just on version, but configuration, so hope you are doing configuration audits, which if you read the advisory are not easy to detect the vulnerable vs. not vulnerable configuration
10. Helping Federal Agencies Meet CISA’s Accelerated Remediation Timelines outlined in CISA BOD 26-04

    A bit of a sales pitch, but some good insights from Vulncheck: "CISA’s new BOD 26‑04 hard‑codes SSVC – Stakeholder‑Specific Vulnerability Categorization – into federal patching: you don’t just look at CVSS anymore, you look at whether the asset is exposed, whether the vuln is actively exploited, whether the attack can be automated, and whether the impact is partial or total, and that combo drives how fast you have to remediate. VulnCheck points out that CISA’s own “Vulnrichment” only has SSVC data for about 46% of CVEs, so agencies would be stuck manually rating exploitation, automatability, and impact on the rest; their answer is to auto‑generate SSVC decisions – with around 90% coverage and earlier exploit intel than CISA KEV – so you can plug those fields straight into BOD 26‑04 timelines rather than building your own SSVC pipeline from scratch."

11. BOD 26-04: Prioritizing Security Updates Based on Risk
    • BOD 26-04 is CISA’s new playbook telling federal agencies: “stop patching everything by CVSS or KEV date alone, and instead prioritize updates based on how exposed the asset is and how it’s actually being exploited in the real world.” It replaces the old “patch every KEV by this deadline” mindset with a structured risk model and pushes agencies toward continuous, automated, risk‑based remediation. ** Asset exposure – Is the system internet‑facing, on the edge, or internal only? ** Vulnerability characteristics – Exploitability, availability of weaponized exploits, complexity, required privileges, etc. ** Threat activity – Is the vuln being widely exploited, targeted at specific sectors, or just PoC‑only chatter? ** Potential impact – Mission criticality, data sensitivity, and blast radius if the asset is compromised.
    • Agencies must build processes and tooling that pull these signals together and use them to sequence mitigations, rather than just racing to clear KEVs by due date.
12. Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed

    A few of my news articles relate to this topic, let's see if we can't break it down:

    • Nightmare Eclipse (also known as Chaotic Eclipse or Dead Eclipse) is an anonymous researcher who has been on a relentless, retaliatory zero-day disclosure campaign against Microsoft since early April 2026, releasing exploits timed to coincide with Patch Tuesday for three consecutive months. The grudge reportedly stems from Microsoft allegedly leaving the researcher "homeless with nothing" — the community is split on whether they're a whistleblower or a threat actor.
    • Just hours after June 2026 Patch Tuesday, Nightmare Eclipse published RoguePlanet, a PoC exploiting a race condition in Microsoft Defender to spawn a SYSTEM-level shell on fully patched Windows 10 and 11. The researcher posted on X taunting Microsoft: "Someone tell Microsoft they forgot to add RoguePlanet." ThreatLocker independently reproduced the exploit, confirming it's real, though their Application Allowlisting blocked it by default.
    • June Patch Tuesday patched two prior Nightmare Eclipse disclosures — GreenPlasma (CVE-2026-45586, CVSS 7.8, CTF/CTFMON LPE) and MiniPlasma (CVE-2020-17103, a regression of a 2020 vuln in the Cloud Filter driver). CVE-2026-45586 is rated "Exploitation More Likely" by Microsoft and was publicly disclosed pre-patch, making it a true zero-day. RoguePlanet remains unpatched
    • GitHub and GitLab removed Nightmare Eclipse's repos after the exploit releases. The researcher responded by standing up independent hosting infrastructure and continues to distribute code through alternate platforms — a new GitHub repo hosting RoguePlanet has already appeared.
    • Here is a table:

    | Exploit | CVE | Target | Impact | |-------------|------------------|---------------------------------|----------------| | BlueHammer | TBD | Windows | LPE | | RedSun | TBD | Windows | LPE | | GreenPlasma | CVE 2026-45586 | CTFMON/CTF Framework | LPE to SYSTEM | | YellowKey | CVE-2026-50507 | BitLocker | Bypass | | MiniPlasma | CVE-2020-17103 | Cloud Filter Driver (cldflt.sys)| LPE to SYSTEM | | RoguePlanet | Unpatched | Microsoft Defender | LPE to SYSTEM |

13. Centurion: Bring Your Own Execution Environment
    • Centurion is Praetorian’s experimental “stealth environment” for running red‑team payloads: instead of letting Windows execute their code directly, they bring along a tiny custom virtual machine and run the payload inside that, like sneaking a small computer into a bigger one so defensive tools never see normal Windows code or APIs being used. This makes it much harder for EDR to recognize or analyze what is happening, because almost everything interesting happens inside Centurion’s private little world rather than in standard Windows processes and libraries.
    • Centurion’s VM does not run a full operating system like Windows or Linux. It is closer to a tiny, purpose-built “embedded runtime” that runs your payload code and a small set of libraries (loader, networking, TLS, etc.) directly on top of the host process, using the host OS only when it needs to call specific APIs.
14. Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
15. More Evidence That Words Don’t Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520)
16. (Re)Building my Homelab

    Andy Gill from zsec just published a full homelab rebuild writeup, and it's worth a look for anyone thinking about what a serious research-focused lab looks like in 2026. He moved from a 4-NUC Proxmox cluster to a single Minisforum MS-02 Ultra — 256GB DDR5, 8TB NVMe, 25GbE — and built out a dedicated AI-assisted bug hunting pipeline with five VMs covering current and N-1 Windows patches, a fuzz box running WinAFL and Jackalope, and a full reverse engineering environment with Ghidra, angr, and pwndbg. He also slotted in a PCIe Screamer for DMA research, upgraded to a 10GbE Ubiquiti backbone, doubled his UPS capacity, and used Claude to write a custom APC UPS dashboard with SNMP-triggered graceful shutdown. The whole thing ties together through Homepage — an open-source Docker dashboard pulling live data from Proxmox, Portainer, Grafana, and Authentik — so he's got full visibility without tab-surfing fifteen management UIs.

17. Mobile device interception with MikroTik

    The setup assumes a MikroTik router acting as the AP, your test mobile device and your laptop both on that Wi‑Fi, and Burp configured in “invisible proxy” mode listening on a LAN IP/port. On the MikroTik, you create an address list (for “devices under test”) and a couple of NAT rules: one dstnat rule that, for any source in that address list, redirects TCP 80/443 to your Burp listener, and a second masquerade rule so return traffic is tracked and flows correctly.

    Once this is in place, you just toggle entries in the address list to turn interception on or off per device, effectively giving you a PITM “switch” for any client on that SSID. Because it’s transparent, it also catches apps that ignore system proxy settings, IoT gear that can’t be configured with a proxy at all, and low‑level OS traffic, as long as it’s HTTP or does not properly validate TLS certs.

18. Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9

    Ivanti Sentry, the gateway a lot of orgs park in front of mobile and email traffic, just got hit with two fresh critical vulns — CVE‑2026‑10520, a 10.0 CVSS unauthenticated command injection that gives you root on the box, and CVE‑2026‑10523, an auth bypass that lets you mint your own Sentry admin. There’s no active exploitation yet, but full technical details are already public, WatchTowr has a detection script out, and Ivanti’s urging everyone to jump to Sentry 10.5.2, 10.6.2, or 10.7.1 before this turns into the next round of Ivanti mass‑exploitation headlines

19. New Windows CTF 0-Day Vulnerability Lets Attackers Gain Elevated Privileges
20. Vengeful researcher takes third Microsoft Patch Tuesday sucker punch, posts zero-day exploit on GitHub
21. The Smart TV in Your LivingRoom Is a Node in the AIScraping Economy

    Include Security reverse-engineered Bright Data's SDK embedded in smart TV apps and found it silently enrolls your TV as a residential proxy exit node — routing AI companies' web scraping traffic through your home IP address while the device sits idle. The SDK uses a peer tunnel to evade TLS inspection, making it nearly invisible to most home network monitoring. Since smart TVs are always-on and always-connected, they're ideal for this kind of covert proxy harvesting — and the main customers paying for this traffic are AI companies trying to bypass scraping filters like Cloudflare. The blog post also drops a list of hostnames you can block at the DNS level.

David Johnson

1. Fable 5 lands on Claude. It’s like Mythos, but less bite.

   It's neat but for anything weapon, biological related, or Cybersecurity related it down manages to Opus 4.8 instead.

   I still haven't found it's ideal use case but it seems like it may be better at blowing through previous development walls in code.

2. Anthropic Model naming. Nuff said?

   Reminder, check your auto account replenishment rules before running Fable Fable xhigh = Bankruptcy speedrun

3. The data center boom is getting a bit “in tents”

   Meta announced last year it would be doing this. They are sticking billions of dollars in "rapid deployment structures" just to meet their growing data needs.

   Good news = The next picnic basket Yogi Bear steals will still be full of chips.

   Currently they have completed what would have taken 3 years to build in 2 months in Ohio in tent form.

   Next up, Tennessee.

4. AI Physician, no longer heal thyself

   Anthropic is now intentionally putting in prevention for the generation of Frontier level LLMs. Potentially disrupting large swaths of people using Claude to make more LLMs.

5. 16GB Raspi 5 – is it worth it at $350?

   Discuss

6. Motorola “bricks” are back! Just not in the way you would have liked.
7. HN Discussion – Why learn how to code now when AI can do it better and faster?

   Hacker news User "manimonji" writes. "Why would someone want to learn code when AI does it better and faster?"

   No replies yet but it's something that I'm interested in discussing in this forum.

Lee Neely

1. HIPAA Journal: 2025’s Largest Healthcare Breaches Affected Nearly 140 Million People

   According to the HIPAA Journal's analysis of data from the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) breach portal, there were 772 healthcare-related data breaches in 2025, affecting 139,721,832 individuals. The HIPAA Journal notes that those figures are "likely to increase further as there are several data breach investigations that have yet to conclude."

   This report stands out for three alarming reasons: it reveals that data from a third of the US population was compromised in 2025 (even factoring in duplicate entries); it proves that bad actors still view healthcare as low-hanging fruit; and it raises tough questions about whether the sector's cybersecurity "best practices" are actually working.

   Make sure that you have ID protection/restoration services, that they are still active, and that they are monitoring your current information. Before you go out and purchase a service, check your existing providers, banks, credit union, auto club, etc., many of which offer free or discounted services with your current membership/patronage.

2. Espionage Campaign Targeted Stock Exchange Executive for Five Months

   Unknown attackers stole a senior executive's Outlook mailbox in incremental batches, exfiltrating through Dropbox and OneDrive Personal to keep the traffic indistinguishable from legitimate activity.

   Attack chain The initial infection vector used by the attackers in this incident is unknown. The first observed malicious activity on the targeted host was on October 10, 2025, by which point the attackers already had two masquerading binaries installed and running as SYSTEM.

   The malware masqueraded as the Adobe Acrobat Reader update service as well as the Microsoft OneDrive setup helper.

   My buddy Roger tells me that he's trained his IT staff to treat every Tuesday as patch day, to keep the cadence of assuring all systems are kept updated. While it took a bit of time and culture change, overall the team is more effective and confident in their security posture than they were previously, and Roger as CISO is as well.

3. Massachusetts votes to pass new privacy rights bill that bans sale of precise location data

   Massachusetts state legislators have approved a bill that will prohibit the sale of precise geolocation data and other sensitive information. The State Senate version of the Massachusetts Consumer Data Privacy Act passed unanimously in the state Senate in September 2025, and the House version passed unanimously on June 4, 2026. The two versions of the bill will be reconciled in committee and sent to Governor Healey's office for signing.

   Another state is taking a stand on data brokers and loopholes which allow access to and sale of surveillance and other privacy information. While states should be applauded for stepping up to fill the void of not having national legislation, it's going to be complicated to implement as many privacy acts as are being put into place. Make sure that your chief privacy officer is tracking all the new legislation; do not become the case law others learn from.

4. Using LLMs to secure source code

   Anthropic released a guide on May 27 for using Claude Opus and other models to find and fix vulnerabilities in source code, with a companion open-source repo (defending-code-reference-harness) that implements the workflow using Claude Code and gVisor-sandboxed agents.

   Skoudis sends this: The brand-new SANS SEC543: AI-Assisted Source Code Analysis and Exploitation for Penetration Testers teaches that kind of analytic loop hands-on, including building exploits to verify high-impact findings. - https://www.sans.org/cyber-security-courses/ai-source-code-analysis-exploitation-pentesters

5. VMware: Multiple products with stored cross-site scripting vulnerabilities

   Broadcom has published a security advisory alerting users to a trio of high-severity stored cross-site scripting vulnerabilities in VMware Aria Operations, VMware Cloud Foundation Operations, VMware Cloud Foundation, VMware vSphere Foundation, and VMware Telco Cloud Platform. Broadcom writes that "A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations."

   The good news is there are no current active exploits here. On the flip side, there are no workarounds: you need to deploy updated versions of  VMware Aria Operations, Cloud Foundation, vSphere Foundation, and Telco Cloud Platform. This may be a good excuse to move to Cloud Foundation and vSphere Foundation 9.1.0.0 if you're still on 9.0 or lower. Note that the fix to TCP/TCI is a patch rather than an update. Broadcom Advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37513

6. CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

   SolarWinds has disclosed a high-severity unauthenticated denial-of-service vulnerability in SolarWinds Serv-U managed file transfer software. "SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate." The flaw, CVE-2026-28318, CVSS score 7.5, is being actively exploited.

   So, not only apply the update, but also put a WAF in front of your file transfer service, which, when you think about it, should already be in place.

7. Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report

   In a June 4 story, WIRED reported that a code review of the Meta AI app revealed "an unreleased face-recognition system embedded in Meta’s smart glasses platform." The technology was "discreetly added to Meta’s AI app over multiple updates," and was internally identified as "NameTag." Its capabilities included identifying people seen through the glasses' camera and alerting glasses wearers when someone was recognized; "faces the system failed to recognize were cropped, indexed, and stored locally for future processing." When WIRED detected the system, it was not enabled. However, the Meta AI app, which is needed to use smart glasses features, has been downloaded more than 50 million times. WIRED now reports that Meta has removed the NameTag code from the Meta AI app.

   Familiar face recognition sounds kind of cool up front, let alone recognizing strangers, but the devil is in the details, particularly when coupled with AI systems which accelerate finding any weaknesses (or features) in the implementation. Given efforts in the US and other countries over privacy laws, it's not clear how one would opt out of such a system.

8. Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

   The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta’s “AI support assistant” bot into resetting account passwords. This only works for accounts without MFA, Meta has fixed the flaw.

   The use of AI to recover accounts reveals issues, and serves as a reminder that automation will reveal underlying shortcuts as well as take full advantages of privileges given. Make sure you're doing your QA properly. For Instagram users, make sure you don't have any extra email addresses associated with your profile, and that you've implemented MFA

9. Yet another Cisco SD-WAN 0-day under attack, and no patch in sight

   Last week, Cisco published a security advisory warning of an authenticated privilege escalation vulnerability in Cisco Catalyst SD-WAN Manager that is being actively exploited. The flaw, CVE-2026-20245, CVSS score 7.8, is due to insufficient validation of user-supplied input and can be exploited to execute arbitrary commands as root.

   Our old friend, processing untrusted input, is back. This latest bug affects all versions of the SD-WAN software, regardless of device configuration or deployment types. It is the seventh SD-WAN issue this year, the second zero-day flaw in two months, and it doesn't have a patch yet. It does require admin credentials to exploit, but unfortunately, credential compromise is all too common these days.

Sam Bowne

1. Everybody Is Vibe Coding But Nobody Told the Security Team

   Companies should not ban vibe-coding, but run them through application security reviews, and monitor traffic to online vobe-coding services to detect their use.

2. Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

   Most deployments simply turn on AI features in several disconnected products, so the operators have to learn multiple interfaces and the products repeat one another's work. To provide value, AI must be deployed across the SOC lifecycle: threat intelligence, threat hunting, detection, investigation, and remediation. It also needs to know the dynamic environment it's operating in continuously draw on it. And there must be effective SOC governance.

3. Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

   Apps using the SDK may offer you "ad-free" streaming in exchange for turning your TV into an exit node, which routes strangers' web traffic through your home IP address. It's described as a consent-sourced pool of 150 million-plus IPs. The settings the SDK loads allow up to 200 GB of traffic a month.

4. Tests suggest Russian satellites can jam GPS on a continental scale

   Russian satellites have been identified as the cause of mysterious, seconds-long bursts of GPS interference across Europe—a rare example of human-made GPS interference coming from space. But uncertainty still hangs over whether such interference is intentional and if it could be more powerfully weaponized as GPS jamming with continental reach in the future.

5. Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

   What's notable about the latest campaign is the re-compromise of the "durabletask" PyPI package, which was infected by TeamPCP last month to deliver an information stealer on Linux systems. Miasma is assessed to be a variant of the Mini Shai-Hulud worm that TeamPCP publicly released in mid-May 2026. "The commit added no dependencies. It planted a 4.3 MB payload runner and wired it to execute automatically through five developer tools: Claude Code, Gemini CLI, Cursor, VS Code, and the npm test script. The attack detonates when a developer clones one of the affected repos and opens it in an AI coding agent." "The worm's genius and the reason conventional defences largely failed is that it operates entirely within legitimate channels. It does not exploit a vulnerability in npm or GitHub. It exploits the trust model those platforms are built on: the assumption that if a package is signed with a valid key and published by an authenticated maintainer, it is safe."

6. Companies Are Using Reddit to Manipulate ChatGPT and Google AI Search

   Peptide companies have been doing AI-engine optimization by spamming the biohackers subreddit to manipulate ChatGPT and Google.

7. Claude Helps Recover Locked $400K Bitcoin Wallet After 11 Years (tomshardware.com)

   They changed their wallet password while "stoned" and forgot it. The user already had some candidate passwords and multiple wallets stored on their PC. They dumped their whole college computer into Claude. This was when the AI discovered an older backup file of the wallet from December 2019 hidden in the data.

8. New plans to stop children taking, sharing or viewing nude images

   Britain will become the first country in the world where it is impossible for children to take, share or view naked pictures on their devices. This seems technically feasible to me, and a good idea, if it is implemented as an onboard AI to detect and block nude images. The supporting statements from child welfare organizations are compelling.

9. Signal says UK plan to scan devices for nude images ‘endangers us all’

   "We know that mass surveillance and censorship capabilities, however sincere-sounding the promises of those who initiate them are, never remain narrowly scoped. Once created, they will be expanded, forming a dangerous tool that will be wielded both in the UK and abroad to censor and surveil whatever they might consider 'threats' or 'harmful content.'" I am not convinced. It seems to me that there is plenty of room for some content blocking which will protect children without harming adults. There need to be limits on all police powers, but that doesn't mean we can't have any police.