Chaotic Eclipse released YellowKey and GreenPlasma PoCs one day after May 2026 Patch Tuesday. A USB-borne FsTx folder plus a Ctrl-key reboot drops cmd.exe inside WinRE on a BitLocker-protected machine. Covers WinRE-only behavior, the CTFMON SYSTEM elevation path, the RedSun silent-patch dispute, and what defenders can actually do while unpatched.
137 CVEs, no zero-days. Netlogon and DNS Client RCEs (both CVSS 9.8) lead — compared against ZeroLogon/SIGRed, with patch priority tiers and detection notes for SOC teams.
Microsoft's second-largest Patch Tuesday ever. SharePoint Server XSS zero-day (CVSS 6.5) confirmed in active exploitation and added to CISA KEV. Windows Defender BlueHammer LPE (CVSS 7.8) has a full public PoC. Also includes a wormable IKE RCE at CVSS 9.8.
CISA added 7 actively exploited vulnerabilities to the KEV catalog including FortiClient EMS SQL injection (CVSS 9.1). Federal deadline is April 16 for Fortinet, April 27 for the remaining six.
Foundry Local is a local AI runtime that embeds into apps via package managers as a ~20MB native library. Built on ONNX Runtime with automatic GPU/NPU selection, it runs Phi, Qwen, Mistral and more offline through an OpenAI-compatible API.
OpenAI acquired AI security evaluation platform Promptfoo, and Microsoft announced that Anthropic's Claude Cowork would be integrated into Microsoft 365 Copilot. The structure of the enterprise AI market is starting to change.
A UAF zero-day in Chrome, critical flaws in four VS Code extensions, and a Microsoft Copilot bug that leaked confidential emails. A review of security risks lurking in developers’ everyday tools.
Microsoft released an open-source framework that can optimize almost any AI agent with reinforcement learning, with little to no code changes. It supports arbitrary frameworks such as LangChain, AutoGen, and Claude Agent SDK.
