Grudges, Dangling DNS, and AI-Driven Driver Removals: This Week in Security
This week’s security roundup ties together a vindictive Windows Defender exploit (RedSun) and a new Windows zero-day from an annoyed researcher, a dangling DNS scheme hijacking unmaintained university and government domains, Linux’s plan to remove 18 legacy drivers, a Bitwarden CLI compromise in a supply-chain attack that can steal tokens and push code changes via GitHub Actions, questions around Mythos access at Anthropic, Nextcloud ending bug-bounty programs amid AI-generated reports, a patch to iOS 26.4.2 addressing a notification-exposure issue related to Signal, and a $2.5M debt-repayment fraud case in Sri Lanka — illustrating ongoing risks across OS security, supply chains, and legacy infrastructure.
- This Week In Security: Annoyed Researchers, Dangling DNS, And Hacks That Could Have Been Worse Hackaday
- Exploits Turn Windows Defender Into Attacker Tool Dark Reading
- Recent Microsoft Defender Vulnerability Exploited as Zero-Day SecurityWeek
- Recently leaked Windows zero-days now exploited in attacks BleepingComputer
- Hackers are abusing unpatched Windows security flaws to hack into organizations TechCrunch
Reading Insights
0
18
19 min
vs 20 min read
97%
3,981 → 103 words
Want the full story? Read the original article
Read on Hackaday