Windows CTFMON elevation of privilege, publicly disclosed, June 2026 Patch Tuesday
cve · CVE-2026-45586
Coverage timeline
1
first 2026-06-10 → last 2026-06-10
Briefs
1
1 distinct
Sources cited
186
74 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-10CTI Daily Brief — 2026-06-10
Source distribution
- attack.mitre.org38 (20%)
- thehackernews.com12 (6%)
- bleepingcomputer.com10 (5%)
- helpnetsecurity.com7 (4%)
- isc.sans.edu7 (4%)
- msrc.microsoft.com7 (4%)
- microsoft.com4 (2%)
- therecord.media4 (2%)
- other97 (52%)
External references
All cited sources (186)
- rapid7.comprimaryinlineRapid7, 2026-06-09https://www.rapid7.com/blog/post/em-patch-tuesday-june-2026
- rapid7.comprimaryinlineRapid7 ETR, 2026-05-29https://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257/
- rapid7.comprimaryinlinean authenticated-RCE zero-day in Gogshttps://www.rapid7.com/blog/post/ve-authenticated-rce-via-argument-injection-gogs-unfixed/
- access.redhat.cominlineRed Hat RHSB-2026-003https://access.redhat.com/security/vulnerabilities/RHSB-2026-003
- access.redhat.cominlineRed Hat RHSB-2026-02https://access.redhat.com/security/vulnerabilities/RHSB-2026-02
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0158, 2026-05-15https://advisories.ncsc.nl/advisory?id=NCSC-2026-0158
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0162, 2026-05-15https://advisories.ncsc.nl/csaf/v2/2026/ncsc-2026-0162.json
- aikido.devinlineAikido, 2026-05-23https://www.aikido.dev/blog/supply-chain-attack-targets-laravel-lang-packages-with-credential-stealer
- akamai.cominlineAkamai Security Researchhttps://www.akamai.com/blog/security-research/incomplete-patch-apt28s-zero-day-cve-2026-32202
- amd.cominlineAMD Security Bulletin AMD-SB-7052https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7052.html
- arxiv.orginlinearXiv, 2026-06-02https://arxiv.org/abs/2606.03811
- atos.netinlineAtos TRC, 2026-04-17https://atos.net/en/lp/cybershield/making-vulnerable-drivers-exploitable-without-hardware-the-byovd-perspective
- attack.mitre.orginlineDonutLoaderhttps://attack.mitre.org/software/S1042/
- attack.mitre.orginlineT1021.001 Remote Services: Remote Desktop Protocolhttps://attack.mitre.org/techniques/T1021/001/
- attack.mitre.orginlineT1027https://attack.mitre.org/techniques/T1027/
- attack.mitre.orginlineT1047 Windows Management Instrumentationhttps://attack.mitre.org/techniques/T1047/
- attack.mitre.orginlineT1056.001https://attack.mitre.org/techniques/T1056/001/
- attack.mitre.orginline`T1059.001`https://attack.mitre.org/techniques/T1059/001/
- attack.mitre.orginline`T1059.003`https://attack.mitre.org/techniques/T1059/003/
- attack.mitre.orginlineT1068 Exploitation for Privilege Escalationhttps://attack.mitre.org/techniques/T1068/
- attack.mitre.orginlineWeb Protocolshttps://attack.mitre.org/techniques/T1071/001/
- attack.mitre.orginlineT1090.001https://attack.mitre.org/techniques/T1090/001/
- attack.mitre.orginlineT1095https://attack.mitre.org/techniques/T1095/
- attack.mitre.orginlineDead Drop Resolverhttps://attack.mitre.org/techniques/T1102/001/
- attack.mitre.orginline`T1106`https://attack.mitre.org/techniques/T1106/
- attack.mitre.orginlineT1114.002https://attack.mitre.org/techniques/T1114/002/
- attack.mitre.orginlineT1115https://attack.mitre.org/techniques/T1115/
- attack.mitre.orginlineT1133 External Remote Serviceshttps://attack.mitre.org/techniques/T1133/
- attack.mitre.orginline`T1140`https://attack.mitre.org/techniques/T1140/
- attack.mitre.orginlineT1185https://attack.mitre.org/techniques/T1185/
- attack.mitre.orginlineT1187 Forced Authenticationhttps://attack.mitre.org/techniques/T1187/
- attack.mitre.orginline`T1189`https://attack.mitre.org/techniques/T1189/
- attack.mitre.orginlineT1190https://attack.mitre.org/techniques/T1190/
- attack.mitre.orginline`T1204.002`https://attack.mitre.org/techniques/T1204/002/
- attack.mitre.orginline`T1480`https://attack.mitre.org/techniques/T1480/
- attack.mitre.orginline`T1480.001`https://attack.mitre.org/techniques/T1480/001/
- attack.mitre.orginlineT1486 Data Encrypted for Impacthttps://attack.mitre.org/techniques/T1486/
- attack.mitre.orginline`T1505.003`https://attack.mitre.org/techniques/T1505/003/
- attack.mitre.orginlineT1528https://attack.mitre.org/techniques/T1528/
- attack.mitre.orginline`T1543.003`https://attack.mitre.org/techniques/T1543/003/
- attack.mitre.orginlineT1548.001 Setuid and Setgid Abusehttps://attack.mitre.org/techniques/T1548/001/
- attack.mitre.orginlineT1556https://attack.mitre.org/techniques/T1556/
- attack.mitre.orginlineT1557https://attack.mitre.org/techniques/T1557/
- attack.mitre.orginlineT1557.001 LLMNR/NBT-NS Poisoning and SMB Relayhttps://attack.mitre.org/techniques/T1557/001/
- attack.mitre.orginline`T1562.001`https://attack.mitre.org/techniques/T1562/001/
- attack.mitre.orginline`T1562.006`https://attack.mitre.org/techniques/T1562/006/
- attack.mitre.orginline`T1566.002`https://attack.mitre.org/techniques/T1566/002/
- attack.mitre.orginlineT1566.004https://attack.mitre.org/techniques/T1566/004/
- attack.mitre.orginlineT1567 Exfiltration Over Web Servicehttps://attack.mitre.org/techniques/T1567/
- attack.mitre.orginlineT1574.002 DLL Side-Loadinghttps://attack.mitre.org/techniques/T1574/002/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-01https://www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/
- bleepingcomputer.cominlineBleepingComputer — MiniPlasma zero-day PoChttps://www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-29https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-21https://www.bleepingcomputer.com/news/security/chinese-hackers-target-telcos-with-new-linux-windows-malware/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-06https://www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-24https://www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-20https://www.bleepingcomputer.com/news/security/grafana-breach-caused-by-missed-token-rotation-after-tanstack-attack/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-15https://www.bleepingcomputer.com/news/security/pwn2own-day-two-hackers-demo-microsoft-exchange-windows-11-red-had-enterprise-linux-zero-days/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-05https://www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
- bleepingcomputer.cominlineBleepingComputer — Windows BitLocker zero-day PoChttps://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/
- blog.fox-it.cominlineFox-IT, 2026-05-22https://blog.fox-it.com/2026/05/22/remotepe-the-lazarus-rat-that-lives-in-memory/
- blog.sekoia.ioinlineSekoia TDR, 2026-06-01https://blog.sekoia.io/fsbs-matryoshka-1-3-gamaredons-gifts-that-keeps-unpacking-gammaphish-and-gammaworm/
- blog.talosintelligence.cominlineCisco Talos, 2026-05-05https://blog.talosintelligence.com/cloudz-pheno-infostealer/
- blog.talosintelligence.cominlineCisco Taloshttps://blog.talosintelligence.com/from-pdb-strings-to-maas-tracking-a-commodity-badiis-ecosystem/
- blog.xlab.qianxin.cominlineXLab Qianxin, 2026-05-21https://blog.xlab.qianxin.com/ghost-cms-mass-compromised-via-cve-2026-26980-now-fueling-clickfix-attacks/
- cert.europa.euinlineCERT-EU Advisory 2026-005, 2026-04-30https://cert.europa.eu/publications/security-advisories/2026-005/
- cert.ssi.gouv.frinlineCERT-FR / ANSSI advisory CERTFR-2026-AVI-0652https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0652/
- checkmarx.cominlineCheckmarx, 2026-05-12https://checkmarx.com/blog/ongoing-security-updates/
- cisa.govinlineCISA KEV (added 2026-05-15)https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- cloud.google.cominlineGoogle Threat Intelligence Group, 2026-05-15https://cloud.google.com/blog/topics/threat-intelligence/blackfile-vishing-extortion-operation/
- cloud.google.cominlineGoogle Threat Intelligence Group, 2026-05-25https://cloud.google.com/blog/topics/threat-intelligence/knowledgedeliver-viewstate-deserialization-vulnerability/
- comparitech.cominlineComparitech Q1 2026 Healthcare, 2026-04-29https://www.comparitech.com/news/healthcare-ransomware-roundup-q1-2026-stats-on-attacks-ransoms-and-data-breaches/
- coveware.cominlineCoveware, 2026-02-02https://www.coveware.com/blog/2026/2/2/nitrogen-ransomware-esxi-malware-has-a-bug
- cwe.mitre.orginlineCWE-648https://cwe.mitre.org/data/definitions/648.html
- cyberkendra.cominlineCyberKendra, 2026-05-07https://www.cyberkendra.com/2026/05/jdownloader-website-hacked-malicious.html
- cybermaxx.cominlineCyberMaxx Q1 2026https://www.cybermaxx.com/resources/ransomware-research-report-q1-2026-audio-blog-interview/
- grafana.cominlineGrafana Labs, 2026-05-19https://grafana.com/blog/grafana-labs-security-update-latest-on-tanstack-npm-supply-chain-ransomware-incident/
- hackread.cominlineHackread, 2026-05-16https://hackread.com/pwn2own-berlin-2026-hits-capacity-hackers-0-days/
- heise.deinlineheise online, 2026-06-04https://www.heise.de/en/news/IT-researchers-demonstrate-adaptive-AI-worm-11318259.html
- heise.deinlineheise Securityhttps://www.heise.de/en/news/Too-many-zero-days-Microsoft-threatens-legal-action-11310736.html
- helpnetsecurity.cominlineHelp Net Security, 2025-05-06https://www.helpnetsecurity.com/2025/05/06/exploited-vulnerability-software-managing-samsung-digital-displays-cve-2024-7399/
- helpnetsecurity.cominlineHelp Net Security, 2026-04-29https://www.helpnetsecurity.com/2026/04/29/windows-cve-2026-32202-exploited/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-04https://www.helpnetsecurity.com/2026/05/04/digicert-breach-code-signing-certificates-malware/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-06https://www.helpnetsecurity.com/2026/05/06/daemon-tools-compromised-backdoors-supply-chain-attack/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-20https://www.helpnetsecurity.com/2026/05/20/github-breached-teampcp/
- helpnetsecurity.cominlineHelp Net Securityhttps://www.helpnetsecurity.com/2026/06/01/windows-netlogon-rce-exploited-cve-2026-41089/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-02https://www.helpnetsecurity.com/2026/06/02/ai-agents-edr-evasion-techniques/
- huntress.cominlineHuntress, 2026-06-03https://www.huntress.com/blog/malspam-to-deskcvb-rat-delivery-chain-analysis
- huntress.cominlineHuntress, 2026-06-03https://www.huntress.com/blog/unpatched-ntlm-leak-windows-search-uri-handler
- ico.org.ukinlineICO notice, 2026-05-11https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2026/05/fine-of-nearly-1m-issued-against-south-staffordshire-plc-and-south-staffordshire-water-plc/
- ico.org.ukinlineICO, 2026-05-21https://ico.org.uk/action-weve-taken/enforcement/2026/05/rizwan-manjra-proceeds-of-crime-act/
- infosecurity-magazine.cominlineInfosecurity Magazine, 2026-06-01https://www.infosecurity-magazine.com/news/gamaredon-worm-ntfs-data-streams/
- infosecurity-magazine.cominlineInfosecurity Magazine, 2026-05-20https://www.infosecurity-magazine.com/news/github-confirms-breach-vs-code/
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-26https://isc.sans.edu/diary/33018
- isc.sans.eduinlineSANS ISC, 2026-06-02https://isc.sans.edu/diary/33040
- isc.sans.eduinlineSANS ISC Diary, 2026-05-04https://isc.sans.edu/diary/Cleartext+Passwords+in+MS+Edge+In+2026/32954/
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-18https://isc.sans.edu/diary/rss/32994
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-27https://isc.sans.edu/diary/rss/33024
- isc.sans.eduinlineSANS ISC, 2026-06-05https://isc.sans.edu/diary/rss/33054
- isc.sans.eduinlineSANS ISC, 2026-06-09https://isc.sans.edu/diary/rss/33064
- kaspersky.cominlineKaspersky press release, 2026-05-05https://www.kaspersky.com/about/press-releases/kaspersky-identifies-ongoing-supply-chain-attack-on-official-daemon-tools-website-distributing-backdoor-malware
- kaspersky.cominlineKaspersky Securelisthttps://www.kaspersky.com/blog/daemon-tools-supply-chain-attack/55691/
- krebsonsecurity.cominlineKrebs on Security, 2026-05-12https://krebsonsecurity.com/2026/05/patch-tuesday-may-2026-edition/
- lumen.cominlineLumen Black Lotus Labs, 2026-05-21https://www.lumen.com/blog/en-us/introducing-showboat-a-new-malware-family-taunts-defenses-and-targets-international-telecom-firms
- malwarebytes.cominlineMalwarebytes, 2026-03https://www.malwarebytes.com/blog/news/2026/03/fake-claude-code-install-pages-hit-windows-and-mac-users-with-infostealers
- malwarebytes.cominlineMalwarebytes, 2026-04-10 (earlier wave)https://www.malwarebytes.com/blog/scams/2026/04/fake-claude-site-installs-malware-that-gives-attackers-access-to-your-computer
- microsoft.cominlineMicrosoft Security Blog, 2026-05-08https://www.microsoft.com/en-us/security/blog/2026/05/08/active-attack-dirty-frag-linux-vulnerability-expands-post-compromise-risk/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-12https://www.microsoft.com/en-us/security/blog/2026/05/12/defense-at-ai-speed-microsofts-new-multi-model-agentic-security-system-finds-16-new-vulnerabilities/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-12https://www.microsoft.com/en-us/security/blog/2026/05/12/undermining-the-trust-boundary-investigating-a-stealthy-intrusion-through-third-party-compromise/
- microsoft.cominlineMicrosoft Threat Intelligence, 2026-05-14https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41089
- msrc.microsoft.cominlineMSRC update guide on 2026-05-19https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41091
- msrc.microsoft.cominlineMSRC CVE-2026-42897https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-42897
- msrc.microsoft.cominlineMSRC — CVE-2026-45585https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45585
- msrc.microsoft.cominlineMicrosoft MSRC, 2026-06-09https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-47291
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585
- my.f5.cominlineF5 K000160932, 2026-05-14https://my.f5.com/manage/s/article/K000160932
- nvd.nist.govinlineNVD CVE-2024-57726https://nvd.nist.gov/vuln/detail/CVE-2024-57726
- nvd.nist.govinlineNVD CVE-2024-57728https://nvd.nist.gov/vuln/detail/CVE-2024-57728
- nvd.nist.govinlineNVD CVE-2024-7399https://nvd.nist.gov/vuln/detail/CVE-2024-7399
- ox.securityinlineOX Security, 2026-05-17https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/
- piunikaweb.cominlinePiunikaWeb, 2026-05-08https://piunikaweb.com/2026/05/08/jdownloader-website-hacked-malware/
- pushsecurity.cominlinePush Security, 2026-05https://pushsecurity.com/blog/installfix
- pushsecurity.cominlinePush Security, 2026-05-29https://pushsecurity.com/blog/llmshare-malvertising-campaign
- pwc.cominlinePwC Threat Intelligence, 2026-05-21https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/red-lamassu-open-season.html
- scworld.cominlineSC World, 2026-05-22https://www.scworld.com/brief/belarus-linked-ghostwriter-group-targets-ukraine-using-prometheus-learning-platform-lures
- securelist.cominlineKaspersky Securelist, 2026-05-05https://securelist.com/tr/daemon-tools-backdoor/119654/
- securelist.cominlineKaspersky Securelist — Exploits and Vulnerabilities Q1 2026https://securelist.com/vulnerabilities-and-exploits-in-q1-2026/119733/
- security-hub.ncsc.admin.chinlineNCSC Switzerland Security Hub, 2026-05-29https://security-hub.ncsc.admin.ch/#/posts/12548
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub #12574https://security-hub.ncsc.admin.ch/#/posts/12574
- security-hub.ncsc.admin.chinlineNCSC-CH 12547https://security-hub.ncsc.admin.ch/api/posts/12547/details
- security.cominlineBroadcom Security, 2026-05-18https://www.security.com/blog-post/fast16-nuclear-sabotage
- security.paloaltonetworks.cominlinePalo Alto Networks PSIRT, 2026-05-29https://security.paloaltonetworks.com/CVE-2026-0257
- securityboulevard.cominlineSecurity Boulevard, 2026-04-24https://securityboulevard.com/2026/04/cisa-warns-of-multiple-simplehelp-vulnerabilities-exploited-in-attacks/
- securityweek.cominlineSecurityWeek, 2026-05-04https://www.securityweek.com/digicert-revokes-certificates-after-support-portal-hack/
- securityweek.cominlineSecurityWeek, 2026-05-14https://www.securityweek.com/f5-patches-over-50-vulnerabilities/
- seqrite.cominlineSeqrite Labs — Dragon Weavehttps://www.seqrite.com/blog/operation-dragon-weave-uncovering-a-china-linked-campaign-targeting-czech-republic-and-taiwan-using-azure-cloud-c2/
- socket.devinlineSocket, 2026-05-23https://socket.dev/blog/laravel-lang-compromise
- sophos.cominlineSophos X-Opshttps://www.sophos.com/en-us/blog/2026-sophos-active-adversary-report
- sophos.cominlineSophos X-Ops, 2026-05-07https://www.sophos.com/en-us/blog/donuts-and-beagles-fake-claude-site-spreads-backdoor
- sophos.cominlineSophos X-Ops, 2026-06-02https://www.sophos.com/en-us/blog/pointing-a-cursor-at-evading-detection
- stepsecurity.ioinlineStepSecurity, 2026-05-22https://www.stepsecurity.io/blog/laravel-lang-supply-chain-attack
- techcommunity.microsoft.cominlineMicrosoft Exchange Team, 2026-05-14https://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498
- tenable.cominlineTenable, 2026-06-09https://www.tenable.com/blog/microsofts-june-2026-patch-tuesday-addresses-198-cves-cve-2026-49160-cve-2026-50507
- tenable.cominlineTenable, 2026-05-12https://www.tenable.com/blog/microsofts-may-2026-patch-tuesday-addresses-118-cves-cve-2026-41103
- thedfirreport.cominlineThe DFIR Report, 2026-05-11https://thedfirreport.com/2026/05/11/flash-alert-etherrat-and-tuktuk-c2-end-in-the-gentleman-ransomware/
- thehackernews.cominlineHacker News writeuphttps://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/four-malicious-npm-packages-deliver.html
- thehackernews.cominlineThe Hacker News, 2026-05-22https://thehackernews.com/2026/05/ghostwriter-targets-ukraine-government.html
- thehackernews.cominlineThe Hacker News, 2026-05-20https://thehackernews.com/2026/05/github-investigating-teampcp-claimed.html
- thehackernews.cominlineThe Hacker News, 2026-05-22https://thehackernews.com/2026/05/making-vulnerable-drivers-exploitable.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/miniplasma-windows-0-day-enables-system.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/pre-stuxnet-fast16-malware-tampered.html
- thehackernews.cominlineThe Hacker News, 2026-05-05https://thehackernews.com/2026/05/scarcruft-hacks-gaming-platform-to.html
- thehackernews.cominlineThe Hacker News, 2026-05-21https://thehackernews.com/2026/05/showboat-linux-malware-hits-middle-east.html
- thehackernews.cominlineThe Hacker News, 2026-05-15https://thehackernews.com/2026/05/turla-turns-kazuar-backdoor-into.html
- thehackernews.cominlineThe Hacker News, 2026-05-20https://thehackernews.com/2026/05/webworm-deploys-echocreep-and-graphworm.html
- thehackernews.cominlineThe Hacker News, 2026-06-03https://thehackernews.com/2026/06/unpatched-windows-search-uri.html
- therecord.mediainlineThe Record, 2026-05-20https://therecord.media/github-confirms-teampcp-hack-customers-unaffected
- therecord.mediainlineThe Record, 2026-05-06https://therecord.media/hackers-compromise-daemon-tools-global-supply-chain-attack
- therecord.mediainlineThe Recordhttps://therecord.media/microsoft-calls-zero-day-releases-never-justifiable-as-researcher-threatens-more
- therecord.mediainlineThe Record's reportinghttps://therecord.media/uk-water-company-had-hackers-lurking-for-years
- theregister.cominlineThe Register, 2026-05-11https://www.theregister.com/cyber-crime/2026/05/11/ico-fines-south-staffordshire-963k-over-2022-breach/5237875
- theregister.cominlineThe Register, 2026-05-12https://www.theregister.com/cyber-crime/2026/05/12/foxconn-confirms-cyberattack-after-nitrogen-claims-apple-nvidia-data-theft/5239144
- theregister.cominlineThe Register, 2026-05-13https://www.theregister.com/patches/2026/05/13/doozy-of-a-patch-tuesday-includes-30-critical-microsoft-cves/5239224
- theregister.cominlineThe Register, 2026-05-13https://www.theregister.com/security/2026/05/13/disgruntled-researcher-releases-two-more-microsoft-zero-days/5239758
- thezdi.cominlineZDI, 2026-05-12https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review
- thezdi.cominlineZDI, 2026-05-13https://www.thezdi.com/blog/2026/5/13/pwn2own-berlin-2026-day-one-results
- thezdi.cominlineZDI, 2026-05-16https://www.thezdi.com/blog/2026/5/16/pwn2own-berlin-2026-day-three-results-and-master-of-pwn
- threatlocker.cominlineThreatLocker — exploitation on fully-patched systemshttps://www.threatlocker.com/blog/miniplasma-windows-privilege-escalation-zero-day-affects-fully-patched-systems
- trendmicro.cominlineTrend Micro Research, 2026-05-05https://www.trendmicro.com/en_us/research/26/e/installfix-and-claude-code.html
- ubuntu.cominlineUbuntu — Dirty Frag fixes-availablehttps://ubuntu.com/blog/dirty-frag-linux-vulnerability-fixes-available
- unit42.paloaltonetworks.cominlineUnit 42, 2026-05-11https://unit42.paloaltonetworks.com/active-directory-certificate-services-exploitation/
- unit42.paloaltonetworks.cominlineUnit 42 — Copy Failhttps://unit42.paloaltonetworks.com/cve-2026-31431-copy-fail/
- unit42.paloaltonetworks.cominlinePalo Alto Networks Unit 42, 2026-05-15https://unit42.paloaltonetworks.com/gremlin-stealer-evolution/
- veeam.cominlineVeeam shipped KB4852 / Backup & Replication patch version 13.0.2.29 on 2026-05-27https://www.veeam.com/kb4852
- welivesecurity.cominlineESET WeLiveSecurity, 2026-05-05https://www.welivesecurity.com/en/eset-research/rigged-game-scarcruft-compromises-gaming-platform-supply-chain-attack/
- welivesecurity.cominlineESET WeLiveSecurity, 2026-05-20https://www.welivesecurity.com/en/eset-research/webworm-new-burrowing-techniques/
- wid.cert-bund.deinlineBSI WID-SEC-2026-1232https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232
- windowsforum.cominlineWindowsForum, 2026-04-24https://windowsforum.com/threads/cisa-adds-4-kev-flaws-patch-samsung-magicinfo-simplehelp-d-link-dragonforce-ransomware-april-2026/
- wiz.ioinlineWiz Research, 2026-05-08https://www.wiz.io/blog/dirty-frag-linux-kernel-local-privilege-escalation-via-esp-and-rxrpc
- wiz.ioinlineWiz, 2026-05-20https://www.wiz.io/blog/durabletask-teampcp-supply-chain-attack
- xenbits.xen.orginlineXSA-490https://xenbits.xen.org/xsa/advisory-490.html
- zerodayinitiative.cominlineZero Day Initiative, 2026-05-15https://www.zerodayinitiative.com/blog/2026/5/15/pwn2own-berlin-2026-day-two-results
- zetter-zeroday.cominlineKim Zetter / ZERO DAY, 2026-05-16https://www.zetter-zeroday.com/experts-confirm-the-fast16-malware-was-sabotaging-nuclear-weapons-tests-likely-in-iran/
Items in briefs about Windows CTFMON elevation of privilege, publicly disclosed, June 2026 Patch Tuesday
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.