Google caught a criminal group that used AI to find a zero-day in a popular web admin tool and had a working exploit ready for a mass attack against thousands of systems. Google has never named the tool. The attack never launched. What gave them away was a CVSS severity score inside the code for a vulnerability that has never been officially rated. The AI made up a number that does not exist.

ssh-keysign-pwn is a newly disclosed Linux kernel vulnerability that gives any unprivileged local user direct access to the SSH host private keys of a server and every password hash stored on the system. It was reported on May 14, 2026, and a working exploit was on GitHub within hours of the patch landing.

The bug lives in a piece of kernel code called __ptrace_may_access(). This is the security check the kernel runs every time one program wants to look inside another program: reading its memory, accessing its open files. The kernel runs this check and asks: is this target process marked as safe to inspect, and does the caller have the right to do this? If either answer is no, access is denied. That is how it is supposed to work.

A folder copied to a USB stick is enough to bypass BitLocker encryption on Windows 11 and Windows Server 2022 and 2025, giving an attacker with a few minutes of physical access a command prompt with unrestricted access to everything on the encrypted drive.

The tool is called YellowKey. It was published on May 12, 2026, as a working proof of concept on GitHub. Windows 10 is not affected. There is no patch. Microsoft has not assigned a CVE number. And the researcher who found it believes it looks like something that was put there deliberately.

NGINX Rift: An 18-year-old memory corruption bug in NGINX, the web server running on roughly one-third of all websites globally, lets an unauthenticated attacker crash a server with a single crafted HTTP request. On systems where ASLR is disabled, that same request achieves remote code execution. The bug has been in every standard build since 2008. It was publicly disclosed yesterday, after being found by an AI system in six hours.

Microsoft patched a critical heap buffer overflow in the Windows DNS Client. An attacker needs no account and no help from the person sitting at the machine to trigger it. Every Windows machine that performs DNS lookups is potentially in scope, and every Windows machine performs DNS lookups constantly.

The vulnerability is tracked as CVE-2026-41096 with a CVSS score of 9.8. It sits in a component called dnsapi.dll, the file that handles DNS lookups on every Windows machine. DNS, which stands for Domain Name System, is the system that translates domain names into IP addresses so computers know where to connect. Every time a browser loads a page, an application connects to a server, a VPN establishes, or Windows checks for updates, the system sends out a DNS query asking what IP address belongs to a given name. The DNS Client receives the answer, processes it, and passes it along.

MacSync is spreading through Google ads that lead directly to claude.ai. The installation guide there was written by Claude itself. One Terminal command and the malware is running, your credentials are gone, and your crypto wallet applications have been replaced.

Security researcher Berk Albayrak spotted an active version of this campaign on May 9, 2026 and posted his findings on X. Researcher g0njxa also published findings on X tracing the campaign infrastructure. BleepingComputer independently confirmed a second variant running on completely separate infrastructure.

GhostLock locks every shared file on any Windows network in minutes using nothing but a standard login, and every security tool watching stays completely silent. This has been possible for over 30 years. Microsoft is not going to patch this.

Security researcher Kim Dvash published the proof of concept in May 2026, after discovering the technique during a prior authorized red team engagement.

SMB is the protocol Windows uses to share files across a network. When a program opens a file over SMB, it tells Windows how it wants to share that file with other programs at the same time. Set that sharing mode to zero using a parameter called dwShareMode in the CreateFileW API call, and Windows grants an exclusive deny-share handle. While that handle is held open, every other process, user, or system trying to open the same file gets back one thing:

A backdoor called PamDOORa targets Linux systems through PAM and steals SSH credentials from every user who logs in. It leaves no trace in process lists, antivirus, or logs. When the security team connects via SSH to investigate, their credentials get stolen too.

When someone logs into a Linux server, the system runs PAM to check the password. PAM stands for Pluggable Authentication Modules, and it handles authentication for everything that requires a login: SSH, sudo, the login prompt. Instead of building that check into each program separately, Linux sends everything through PAM using configuration files stored in /etc/pam.d/, one file per service. The file for SSH is /etc/pam.d/sshd. It tells PAM which modules to run, in what order, and what to do when one fails.

A new Linux zero-day called Dirty Frag gives any local user full root access on every major Linux distribution, and right now no distribution has a patched kernel available. The researcher planned to give distributions until May 12 to prepare. Someone leaked the exploit five days early, and it went public before a single distribution had a fix ready.

Hyunwoo Kim (@v4bel) found both vulnerabilities and quietly reported them to the Linux kernel security team at the end of April, including working exploits and patches. The plan was to give Linux distributions until May 12 to prepare fixes before anything went public. On May 7, he told the group of distribution maintainers about it and set that five-day hold in motion. That same day, someone else published the exploit online. The agreement was clear: if that happened, everything would go public immediately. Kim released the full details within hours. Two CVEs have since been assigned: CVE-2026-43284 for the IPsec variant, which now has a patch in the kernel mainline, and CVE-2026-43500 for the RxRPC variant, which has no patch anywhere yet. How the exploit got out early is still unknown. The patch for the IPsec bug had been sitting on a public kernel mailing list since April 30, so someone paying close attention to kernel development could have spotted it there. Or someone inside the distribution group leaked it. Nobody knows.

Twelve critical vulnerabilities were just published for vm2, a Node.js security library that sits inside millions of applications. Three of them score a perfect 10 out of 10. The creator shut the project down in 2023 because it was too broken to fix, restarted it anyway in October 2025, and here we are.

The library is called vm2. When a platform lets users run their own code, that code needs somewhere to run where it cannot touch anything it should not touch. Not the files on the server, not the ability to run system commands, not connections to other services. That sealed-off space where code runs but cannot escape is called a sandbox. vm2 was the tool Node.js developers used to build one.