Big Tech
Big Tech analyzes decisions by major platforms and their impact on security, privacy, infrastructure and the market. The cluster connects product announcements, strategic changes and technical consequences for users and businesses.
Google Gemini Hijacked via Messaging Notifications: The 'Dual Illusion' Attack
SafeBreach researchers have demonstrated how the Google Gemini voice assistant on Android can be hijacked through indirect prompt inje…
Microsoft Refuses to Patch Windows Search URI Flaw Enabling NTLM Hash Theft
Huntress has disclosed an unpatched vulnerability in the Windows search: URI handler that allows attackers to steal NTLMv2 hashes via…
Cybanetix Launches Managed AI Service: AI-Native MDR Powered by Four-Vendor Stack
Cybanetix has unveiled its Managed AI Service, integrating NOMA, SentinelOne, Microsoft, and Exabeam under a unified 24/7 SOC with a s…
Microsoft Patched a Critical SharePoint RCE but Omitted the CVE from Official Documentation
CVE-2026-45659, a CVSS 8.8 SharePoint Server RCE, was missing from Microsoft’s May 2026 security update list. While the patch was dist…
Poisoned AI Chatbots: A New Vector for High-Performance GPU Cryptojacking
Microsoft has identified an active campaign that manipulates AI chatbot recommendations to distribute GPU-based cryptojacking malware…
Chrome 148: Google Patches 151 Vulnerabilities, Including 22 Critical Flaws
Google has released Chrome 148, addressing 151 security vulnerabilities with 22 rated at maximum criticality. The update includes over…
Apple macOS USD Library Flaw Enables Information Disclosure and Exploit Chaining
A vulnerability in the macOS Universal Scene Description (USD) library (ZDI-26-315) allows for out-of-bounds reads and potential code…
Windows Hit by Post-Patch Tuesday Zero-Day Blitz
Security researcher Chaotic Eclipse has disclosed three new Windows zero-day vulnerabilities following the May 2026 Patch Tuesday. To…
YellowKey: Microsoft Issues Emergency Mitigations for BitLocker Bypass
Microsoft issued temporary mitigations on May 20 for CVE-2026-45585, a BitLocker bypass vulnerability exploited through the Windows Re…
CISA Adds Microsoft Defender DoS Flaw to KEV Catalog with June 3 Deadline
CISA has added CVE-2026-45498, a Denial of Service vulnerability in Microsoft Defender, to its Known Exploited Vulnerabilities catalog…
CVE-2026-41091: Microsoft Defender Engine Exploited for SYSTEM Privilege Escalation
A link-following vulnerability in the Microsoft Malware Protection Engine enables local privilege escalation to SYSTEM. An analysis of…
May 2026 Patch Tuesday: 137 Flaws and the Domain Controller Threat
Microsoft's May 2026 security update addresses 137 vulnerabilities, including 31 critical flaws. While no zero-days were reported, una…