Malware and vulnerabilities dominate our review this week. It's a reminder that humans will always create bad stuff, and that what we create is not always perfect, so vulnerabilities can exist in our software and applications.
Hackers abuse Google ads, Claude.ai chats to push Mac malware
When you search for anything online with the hope of getting a download link, be cautious of the link that you click on.
From the article:
Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on their Mac. The chat walks users through opening Terminal and pasting a command, which silently downloads and runs malware on their Mac.
Researcher Drops YellowKey, GreenPlasma Windows Zero-Days
If I remember correctly, we wrote something about this same researcher some weeks ago. It's the same reason why they did this: frustration about the way MSFT handled the vulnerability disclosure. And, now, they have done another one!
From the article:
According to the researcher, the underlying issue for YellowKey is a well-hidden vulnerability without an explicit root cause, and could be a backdoor intentionally planted into BitLocker.
The second zero-day Windows exploit dropped by Chaotic Eclipse is named GreenPlasma and allows attackers to elevate their privileges to System. The researcher published a PoC exploit stripped of the code required to achieve a full System shell.
OpenAI says hackers stole some data after latest code security issue
By the looks of things, it's nothing that serious. I mean really serious. It's not something that will make you think, "Oh, OpenAI is in big trouble," or that kind of thing.
From the article:
According to the AI giant, “only limited credential material” was taken from the affected code repositories. As a precaution, given that the affected repositories contained digital certificates used to sign OpenAI’s products, the company said it’s rotating the certificates “as a precaution,”
New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
With the back-to-back public announcements of Linux vulnerabilities, will this operating system catch a break anytime soon? We'll see.
From the article:
Dubbed Fragnesia and officially tracked as CVE-2026-46300, the issue resides in the kernel’s XFRM ESP-in-TCP subsystem, allowing an unprivileged attacker to gain root permissions by overwriting sensitive system files. Fragnesia is in the same class of vulnerabilities as the recently disclosed Dirty Frag and Copy Fail.
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, and I'll see you next time.