// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRF-01DTG 0600Z
ColdRecon / Brief Archive / Week of May 11, 2026
Signal Brief · Archived

Week of May 11, 2026

2026-05-11 — 2026-05-17 · 32 PUBLIC EVENTS · GENERAL / NON-PERSONALIZED

In the week of May 11, 2026, ColdRecon logged 32 public endpoint-security events from open-source reporting — 13 incidents, 10 vuln disclosures, 7 research pocs, 2 vendor announcements. Vendors in the record this week: Microsoft, SentinelOne, CrowdStrike.

The Week's Public Record

Events

2026-05-16
incident
CrowdStrike Falcon Sensor Update Causes Global Windows BSOD OutageCrowdStrike Falcon Sensor Channel File 291 Incident
On July 19, 2024, a faulty Rapid Response Content configuration file (Channel File 291) for the CrowdStrike Falcon sensor caused widespread Windows Blue Screen of Death (BSOD) crashes. The update, deployed without staged rollout, affected approximately 8.5 million devices globally, disrupting airlines, hospitals, and critical services. The incident stemmed from an architectural decision to allow rapid threat-detection updates to the kernel-level sensor without the same testing rigor applied to sensor code.
2026-05-16
research poc
AI-Assisted Development of PowerShell AMSI Bypass for Signature Evasion TestingAI-Enhanced PowerShell AMSI Bypass
A security researcher used AI to iteratively develop a PowerShell script that bypasses the Antimalware Scan Interface (AMSI) by patching the AmsiScanBuffer function in memory. The AI-assisted workflow demonstrates how attackers can leverage large language models to refine evasion techniques against endpoint detection mechanisms.
2026-05-15
vuln disclosure
Four OpenClaw Vulnerabilities Enable Data Theft, Privilege Escalation, and PersistenceOpenClaw vulnerabilities
Security researcher Vladimir Tokarev discovered four vulnerabilities in OpenClaw that allow data theft, privilege escalation, and persistence. The flaws can be exploited by weaponizing the agent's own privileges. Users are advised to update to the latest version to mitigate the risks.
2026-05-15
incident
Gremlin Stealer Variant Uses Encrypted Resources to Hide C2 and ExfiltrationGremlin Stealer Encrypted Resource C2
A new variant of the Gremlin stealer malware has been identified using advanced obfuscation to conceal its command-and-control infrastructure and data exfiltration paths. The malware hides C2 details and exfiltration routes within encrypted resources, making detection and analysis more difficult. This technique poses a challenge for endpoint security solutions that rely on network traffic analysis or static signatures.
2026-05-15
vuln disclosure
CVE-2026-7373: Rapid7 Metasploit Pro Local Privilege Escalation via OpenSSL Config InjectionCVE-2026-7373
A local privilege escalation vulnerability exists in Rapid7 Metasploit Pro on Windows. The metasploitPostgreSQL service runs as SYSTEM and loads an OpenSSL configuration file from a static, world-writable location. A pre-existing unprivileged 'vagrant' user can plant a malicious openssl.cnf to execute arbitrary commands with SYSTEM privileges, leading to full host compromise.
2026-05-14
incident
OpenAI employee devices breached via TanStack supply chain attackTanStack supply chain attack
OpenAI confirmed that two employee devices were compromised in the TanStack supply chain attack, which affected hundreds of npm and PyPI packages. The breach prompted OpenAI to rotate code-signing certificates for its applications as a precaution.
2026-05-14
vendor announcement
OpenAI launches Daybreak for AI-driven vulnerability discoveryOpenAI Daybreak
OpenAI announced Daybreak, an AI-driven vulnerability discovery initiative, in partnership with Cisco and CrowdStrike. The project aims to use frontier models to find vulnerabilities in products and share open-source frameworks to improve security across the industry.
2026-05-14
incident
FrostyNeighbor Uses JavaScript PicassoLoader in Spearphishing Against Ukrainian GovernmentFrostyNeighbor PicassoLoader JavaScript variant
ESET discovered new FrostyNeighbor activity since March 2026 targeting Ukrainian governmental organizations with spearphishing PDFs containing malicious links. The campaign uses a JavaScript variant of PicassoLoader to deliver Cobalt Strike beacons, with server-side victim validation to evade detection. This shows continued evolution of the group's espionage toolset.
2026-05-14
incident
Seedworm APT Uses Signed SentinelOne Binary for DLL Sideloading in Global Espionage CampaignSeedworm DLL Sideloading via SentinelOne Binary
The Iran-linked Seedworm (MuddyWater) APT group conducted a global espionage campaign in early 2026, targeting at least nine organizations across multiple sectors. The attackers used DLL sideloading with a legitimate signed SentinelOne binary (sentinelmemoryscanner.exe) to load a malicious DLL (sentinelagentcore.dll), evading endpoint detection. The malicious DLL deployed ChromElevator to steal browser credentials, with the attack chain driven by a Node.js script.
2026-05-14
vuln disclosure
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-DaysUnDefend and RedSun Defender zero-days
Microsoft has released patches for two zero-day vulnerabilities in Microsoft Defender, named UnDefend and RedSun, which were publicly disclosed last month. The flaws were actively exploited in the wild before the patch was available.
2026-05-13
vuln disclosure
Microsoft Defender Flaws Patched, BitLocker Bypass EmergesCVE-2025-21211
Microsoft patched multiple vulnerabilities in its Defender security product, addressing flaws that could allow attackers to bypass detection or elevate privileges. Separately, a BitLocker bypass technique was disclosed, potentially enabling attackers to access encrypted data under certain conditions.
2026-05-13
vuln disclosure
Microsoft discloses YellowKey Windows security feature bypass vulnerability CVE-2026-45585 with mitigation guidanceCVE-2026-45585
Microsoft acknowledged a security feature bypass vulnerability in Windows tracked as CVE-2026-45585 and publicly referred to as 'YellowKey'. The flaw is being exploited in the wild, and Microsoft has shared mitigation measures to defend against potential attacks.
2026-05-13
vuln disclosure
Researcher Discloses Two Microsoft Zero-Day Vulnerabilities Including Credential Dumping BypassCVE-2025-25504
A disgruntled researcher publicly released two zero-day vulnerabilities affecting Microsoft products. One flaw allows credential dumping from the LSASS process while bypassing Microsoft Defender for Endpoint detection. The disclosure raises concerns about increased risk of credential theft on compromised endpoints.
2026-05-13
incident
MORPHIC Ransomware Exhibits Autonomous Runtime Adaptation to Evade Endpoint DefensesMORPHIC
In Q1 2026, Lyrie observed a new ransomware family, MORPHIC, that dynamically alters its encryption speed, pauses operations, switches encryption algorithms, and rewrites in-memory code in response to detected security tools. This runtime adaptation defeated traditional behavioral detection and static honeypots across four customer environments.
2026-05-13
vuln disclosure
CVE-2026-0247: Authorization Bypass in Prisma Access Agent Endpoint DLPCVE-2026-0247
Palo Alto Networks disclosed multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent. A local attacker with low privileges can bypass authentication to execute privileged operations, potentially compromising confidentiality, integrity, and availability of the endpoint. The issue affects versions prior to 26.2.1 on macOS and Windows.
2026-05-13
incident
Nitrogen Ransomware Breaches Foxconn, Exfiltrates 8TB of Supply Chain DataNitrogen Ransomware
The Nitrogen ransomware group breached Foxconn's North American manufacturing facilities in May 2026, exfiltrating 8TB of data including hardware schematics for major tech customers. The attack used malvertising and DLL sideloading to gain initial access, followed by weeks of lateral movement and data staging before deploying ransomware. This incident highlights the supply chain risk posed by ransomware groups targeting manufacturing to steal sensitive intellectual property.
2026-05-13
incident
Entra ID Phantom Device Registration and PRT Bypass Enables Full Tenant CompromisePhantom Device + PRT Bypass
A red team engagement demonstrated a five-step attack chain against Microsoft Entra ID, starting from a single set of valid credentials blocked by Conditional Access. By exploiting gaps in Device Registration Service, phantom device registration, and Intune compliance evaluation, attackers achieved Global Administrator access without touching a corporate endpoint or deploying malware. The technique has been observed in the wild by the Storm-2372 APT group.
2026-05-13
vendor announcement
SentinelOne Windows Agent Installer Updated to Mitigate BYOI Bypass AttacksSentinelOne Guardian installer security hardening
SentinelOne has updated its Windows agent installer as part of the Guardian installer / SentinelInstallerDriver security hardening initiative. The change improves protection around installer and upgrade workflows and aims to reduce exposure to Bring Your Own Installer (BYOI) bypass attacks.
2026-05-13
vuln disclosure
CISA adds Microsoft Defender CVE-2023-36010 to Known Exploited Vulnerabilities catalogCVE-2023-36010
CISA added CVE-2023-36010, a denial-of-service vulnerability in Microsoft Defender, to its Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild. The flaw allows an attacker to cause a denial of service on affected systems. This highlights the risk of vulnerabilities within endpoint security agents themselves.
2026-05-12
research poc
YellowKey exploit bypasses BitLocker encryption using USB key filesYellowKey
Security researchers demonstrated YellowKey, a zero-day exploit that decrypts Microsoft BitLocker-protected drives by placing specific files on a USB stick, bypassing the need for the recovery key or password. The attack requires physical access and leverages an apparent backdoor in the BitLocker implementation. A second zero-day, GreenPlasma, enables local privilege escalation.
2026-05-12
incident
Attackers abuse HPE Operations Agent for malware-free intrusionHPE Operations Agent abuse
Microsoft observed a stealthy intrusion campaign where attackers bypassed traditional malware by abusing the legitimate HPE Operations Agent. The technique allowed silent network infiltration without dropping malicious files, evading endpoint detection. This highlights the risk of trusted enterprise tools being weaponized for lateral movement and persistence.
2026-05-12
incident
Vidar Stealer Campaign Uses Stealthy Techniques to Bypass EDR and Steal CredentialsVidar Stealer EDR Bypass Campaign
A new Vidar Stealer campaign targets Windows endpoints, employing stealthy methods to evade endpoint detection and response (EDR) systems. The malware steals passwords, browser cookies, cryptocurrency wallets, and authentication data. This campaign highlights evolving evasion tactics that challenge current endpoint security controls.
2026-05-12
research poc
Technique to Detect EDR Inline Hooks in ntdll.dll by Comparing In-Memory and On-Disk Function BytesEDR Inline Hook Detection via ntdll.dll Export Comparison
A method is described to identify which functions in ntdll.dll are hooked by EDR/AV products by comparing the first bytes of exported functions in memory against a clean copy from disk. This reveals monitored vs. unmonitored syscall paths, enabling attackers to choose evasion routes. The technique filters out data exports to reduce false positives and classifies hook types.
2026-05-12
vuln disclosure
CVE-2026-3609: XIGNCODE3 xhunter1.sys PPL-Bypassing Handle LeakCVE-2026-3609
A vulnerability in Wellbia's XIGNCODE3 anti-cheat driver xhunter1.sys allows an unprivileged user-mode process to obtain a PROCESS_ALL_ACCESS handle to any process, including Protected Process Light (PPL) targets like lsass.exe. The driver's IRP_MJ_WRITE handler for command 785 calls ObOpenObjectByPointer with KernelMode access mode, bypassing access checks, and omits OBJ_KERNEL_HANDLE, placing the handle in the caller's process handle table. This enables full read/write/terminate access, defeating PPL protections on fully-patched Windows 11 systems.
2026-05-12
incident
Fake Claude Code Installers Abuse IElevator to Steal Browser SecretsFake Claude Code IElevator Malware
Attackers are distributing fake Claude Code installers that deploy malware to steal protected browser data. The malware abuses Chrome's IElevator interface to escalate privileges and access encrypted credentials and cookies. This technique bypasses standard browser protections, enabling theft of sensitive authentication material.
2026-05-12
incident
Vercel Breach: Lumma Stealer Infects Context.ai, OAuth Tokens Compromise Customer CredentialsVercel April 2026 Breach via Context.ai OAuth Chain
In April 2026, Vercel disclosed a breach where an attacker used OAuth tokens stolen from Context.ai via Lumma Stealer malware to access Vercel internal systems and customer environment variables. The attack chain started with a Context.ai employee downloading Roblox auto-farm scripts, leading to a two-month dwell time and eventual exposure of credentials for AWS, Azure, GCP, GitHub, Stripe, Twilio, and SendGrid. The incident highlights risks of OAuth trust relationships and AI-supply-chain attacks.
2026-05-11
vuln disclosure
CVE-2026-42869: SOCFortress CoPilot Hardcoded JWT Secret Authentication BypassCVE-2026-42869
CVE-2026-42869 is an authentication bypass vulnerability in SOCFortress CoPilot versions prior to 0.1.57. The platform ships with a hardcoded JWT signing secret, allowing unauthenticated attackers to forge admin tokens and gain full control of CoPilot and connected security tools. The flaw arises from a fallback secret in the source code and default Docker Compose configuration.
2026-05-11
research poc
Google GTIG Detects Likely AI-Assisted Zero-Day Exploit DevelopmentAI-generated zero-day exploit (Google GTIG)
Google Threat Intelligence Group (GTIG) observed a zero-day exploit assessed to have been developed with AI assistance. The report also notes AI-generated decoy code in malware campaigns. This marks a notable instance of AI being used to create novel exploits.
2026-05-11
incident
EtherRat and TukTuk Malware Lead to The Gentleman Ransomware DeploymentEtherRat and TukTuk C2 leading to The Gentleman Ransomware
An intrusion began with a malicious MSI masquerading as Sysinternals RAMMap, deploying an EtherRAT variant that used Ethereum blockchain for C2 configuration. The threat actor later deployed TukTuk malware, a new AI-generated framework using SaaS platforms for C2, and ultimately executed The Gentleman ransomware across the domain via GPO after disabling defenses and exfiltrating data.
2026-05-11
research poc
AI tools enable exploit generation from patches within 30 minutes, shrinking effective disclosure windowAI-accelerated exploit generation from patches
Research demonstrates that AI can analyze software patches and generate working exploits in as little as 30 minutes, drastically reducing the time between patch release and exploit availability. This challenges the traditional 90-day disclosure window and demands faster patch deployment and revised disclosure practices.
2026-05-11
research poc
Google reveals hackers use AI to craft evasive malware and bypass 2FAAI-assisted malware with decoy logic
Google's research indicates cybercriminals and nation-state actors are using AI for vulnerability research, exploit development, and creating malware with decoy logic to evade endpoint detection. AI-generated media like voice cloning is also used to bypass two-factor authentication. This highlights an emerging trend of AI lowering the barrier for sophisticated endpoint attacks.
2026-05-11
research poc
GhostLock Tool Uses Windows API to Lock File Access, Simulating Ransomware ImpactGhostLock
GhostLock is a proof-of-concept tool that locks file access on Windows using legitimate API calls, achieving ransomware-like business disruption without encrypting files. It demonstrates a novel availability attack that bypasses traditional detection mechanisms focused on encryption behavior.
Every event in this brief is a record in ColdRecon's canonical set, drawn from public open-source reporting and linked to its source. This is the general, non-personalized signal — published 7 days after the fact. The live daily brief, written for your deals, is for cleared officers.

This is last week, public. Get this morning's, written for you.

The live ColdRecon brief lands at 0600 daily — the same signal, filtered to your competitors and framed for your deals. Request clearance and tomorrow's is yours.

Request Clearance →