#Security

YellowKey BitLocker bypass via WinRE opens encrypted drives with a USB stick, GreenPlasma CTFMON LPE drops the same day, Chaotic Eclipse calls it a backdoor

Chaotic Eclipse released YellowKey and GreenPlasma PoCs one day after May 2026 Patch Tuesday. A USB-borne FsTx folder plus a Ctrl-key reboot drops cmd.exe inside WinRE on a BitLocker-protected machine. Covers WinRE-only behavior, the CTFMON SYSTEM elevation path, the RedSun silent-patch dispute, and what defenders can actually do while unpatched.

TeamPCP open-sources Shai-Hulud worm; BreachForums runs paid attack challenge

May 12: TeamPCP open-sourced the Shai-Hulud worm on GitHub. Datadog mapped its module pipeline (Loader/Provider/Collector/Dispatcher/Sender/Mutator) and Claude Code SessionStart hook for persistence. May 15: BreachForums opened a paid attack challenge. Detection notes for the copycat wave.

OpenClaw Claw Chain: 4 CVEs from OpenShell TOCTOU to MCP loopback owner spoof

What to patch, rotate, and grep after OpenClaw 2026.4.22. Walks CVE-2026-44112/44113/44115/44118 as one chain on agent runtime, with detection log fields and 24h/1w response steps.

node-ipc 9.x/12.0.1 stealer on require(): 12.0.1 hash-gated, not postinstall

Malicious node-ipc 9.1.6/9.2.3/12.0.1 fire on require(), not postinstall. 12.0.1 is SHA-256 gated (targeted), so a working app isn't safe. Exfils dev/CI secrets via DNS TXT.

Ollama CVE-2026-7482: crafted GGUF leaks heap memory from exposed API servers

Out-of-bounds read in Ollama's GGUF loader before 0.17.1. If your Ollama API is network-accessible, a crafted model file can exfiltrate env vars, API keys, system prompts, and conversation fragments from process memory.

PCPJack credential stealer chains 5 CVEs to worm through Docker, Kubernetes, Redis, and RayML

SentinelOne's PCPJack report broken down: initial access via Next.js and WordPress CVEs, lateral movement through Docker sockets, Kubernetes Secrets, Redis cron rewrite, and RayML job injection. IOCs and hardening steps included.

Android Binary Transparency for Google apps: what the public log verifies beyond code signing

Google extended Binary Transparency to its Android apps and Mainline modules starting May 2026. How the public log and verification tools differ from code signing, what's actually covered, and what the ADB-based verification workflow looks like for researchers.

CVE-2026-0073: EVP_PKEY_cmp misuse in Wireless ADB gives adjacent attackers shell RCE on Android 14–16

Android's May 2026 bulletin patches CVE-2026-0073, a Wireless ADB auth bypass from mishandled EVP_PKEY_cmp return values. Adjacent network attackers bypass mutual TLS and get shell-level RCE on Android 14 through 16-qpr2. AOSP diff and impact breakdown included.

Next.js 16.2.6 and 15.5.18 patch Middleware bypass and RSC DoS across 13 advisories

Next.js 16.2.6 / 15.5.18 dropped 13 security advisories at once. The impact depends on whether you use App Router, Middleware, RSC, or self-hosted Node.js server — here's where to look before upgrading.

CVE-2026-26268: Git Hooks as a Sandbox Escape in Cursor

CVE-2026-26268, fixed in Cursor 2.5, allowed AI agents to rewrite insufficiently protected .git config and Git hooks, leading to out-of-sandbox RCE on the next Git operation.

ZDI publishes OpenAI Codex sandbox bypass as a zero-day

ZDI-26-305 discloses a sandbox bypass in OpenAI Codex. Processing a repository containing malicious JavaScript can lead to code execution under the user's privileges outside the sandbox.

Password Rotation Examined Through Probability

How much does periodic password rotation or character-class enforcement actually help? A look at the numbers: leak probability, entropy, and user behavior.