Description

Episode 56 — 14 May 2026

1. Windows BitLocker zero-day gives access to protected drives, PoC released
Source: Bleeping Computer
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a privilege-escalation flaw. Known as Chaotic Eclipse or Nightmare Eclipse, the...

2. New Fragnesia Linux flaw lets attackers gain root privileges
Source: Bleeping Computer
Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability that allows attackers to run malicious code as root. Known as Fragnesia and tracked as CVE-2026-46300, this security flaw stems from a logic bug in the Linux XFRM...

3. New critical Exim mailer flaw allows remote code execution
Source: Bleeping Computer
A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker to execute arbitrary code. Identified as CVE-2026-45185, the security issue impacts some Exim versions before 4.99.3...

4. West Pharmaceutical says hackers stole data, encrypted systems
Source: Bleeping Computer
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. The company said that it detected a compromise on May 4th. An investigation into the incident determined that the attacker stole data from...

5. 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Source: The Hacker News

6. New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Source: The Hacker News
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia,...

7. Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
Source: The Hacker News
A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender...

8. New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Source: The Hacker News
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and...