the grugq's newsletter

May 17, 2026
Three page-cache privilege escalation vulnerabilities in three weeks. Copy Fail, Dirty Frag, Fragnesia. The pattern is clear.

CIQ's response to Fragnesia was different. Instead of patching what researchers found and moving on, Sultan Alsawaf audited the kernel's networking stack…

— CIQ (@CtrlIQ) May 15, 2026

CIQ | We predicted the next wave. Five days later, we found it…

Fragnesia is the third page-cache LPE in 3 weeks. This time CIQ went proactive - using AI to find an additional exploit path, and contributing the fix upstream.


The blog post on my talk "Design-Based Vulnerabilities on macOS: Oops, Not a One-Shot Fix" presented at OffensiveCon2026: https://t.co/DAqpWVVxDs

— Zhongquan Li (@Guluisacat) May 15, 2026

Design-Based Vulnerabilities on macOS: Oops, Not a One-Shot Fix | Zhongquan Li’s blogs

Focusing on bug hunting and fuzzing in Android, IoT, and Apple products


these have been incredible to witness because all of these vulns haven't been memory corruption. they've been researchers exploring pretty novel ideas and being extremely creative. not just a pattern search on existing bug shapes https://t.co/6fQzOAzQgp

— h0mbre (@h0mbre_) May 15, 2026


@tiraniddo's bug still alive 5 years after he reported it and Microsoft fixed it. https://t.co/qIVTLJXKDY https://t.co/aRCFpDypnx

— Filip Dragovic (@filip_dragovic) May 15, 2026

https://project-zero.issues.chromium.org/issues/42451192


Sun Yat-sen founded the Revive China Society in Honolulu, moved back to China and merged with others to form the Tongmenghui, which became the Kuomintang, which the CCP was part of until it split along left-right lines after his death and Chiang Kai-Shek led the nationalists

— Quantіan (@quantian1) May 16, 2026


Both the PRC and ROC trace the ultimate origin of their current government to Honolulu, Hawaii https://t.co/8VbfRDdOAA

— Quantіan (@quantian1) May 16, 2026


UX is my passion 🦎

It's just a prototype lol, not sure if it's a good idea? https://t.co/NvjdH00aUt pic.twitter.com/VN9qzbRUPt

— Tavis Ormandy (@taviso) May 15, 2026

GitHub - taviso/matrix3: matrix³ is an mv3 content policy manager · GitHub

matrix³ is an mv3 content policy manager. Contribute to taviso/matrix3 development by creating an account on GitHub.


* Seems many exploits couldn't be demoed due to bad luck/last-minute fixes. Really sorry for the participants :( great research!
* No V8 (and Chrome?) submissions for the 2nd year in a row
* @orange_8361's chain sounds wild, very curious for details!
Thanks for #Pwn2Own @thezdi https://t.co/WdBDCDpEN2

— Samuel Groß (@5aelo) May 16, 2026


This is an extremely interesting, and important graph for where we are related to Offensive Security related tasks in AI. From the ExploitGym paper. https://t.co/OA5wvMRjTS pic.twitter.com/ftdA6ajN8m

— Aaron Grattafiori (@dyn___) May 16, 2026

https://arxiv.org/pdf/2605.11086


speaking of which... anyone who is actually saying "bounty is dead" rn fundamentally misunderstands what a bounty actually is, does, and is for: https://t.co/OGDwPkwDlp

there is a lot in the process of resettling and rebooting right now (if you're observant you'll have noticed…

— cje (@caseyjohnellis) May 16, 2026

Information Asymmetry and the 1950s Nuclear Bounty

Props to Matt Ploessel for calling out this one... I'd not heard of a bounty around nuclear weapons until today.


i guess openai trained more on cpp, anthropic more on js, both strong at reasoning, but the exploitgym setup is not quite as good as exploitbench and that affects the outcome.

— Toan Pham (@__suto) May 16, 2026


wait, there is one more paper from a few days back called ExploitGym which has very interesting data.

on kernel tasks, gpt-5.5 + codex cli outperformed claude mythos preview + claude code: 22/193 vs 12/193, but for user and browser exploits mythos is pretty strong.

what could be… https://t.co/Fo2OHk1kZP pic.twitter.com/I7zB4duQ0U

— s1r1us (mohan) (@S1r1u5_) May 16, 2026


It's confirmed, CVE-2020-17103 patch is ineffective and the vulnerability still exists.
A weaponized PoC can be found here - https://t.co/7hnamkLsS1

Tested against fully patched Windows 11 and Server 2025 machines.

— Chaotic Eclipse (@ChaoticEclipse0) May 16, 2026

Chaotic Eclipse: MiniPlasma, a powerful LPE

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 This one is accidental, I didn't even think cldflt.sys had that vulnerability. Turns out CVE...


Another Windows zero day released by Nightmare Eclipse (sort of)

It turns out Microsoft just straight up didn't patch an old CVE from 2020 correctly. https://t.co/sNWBtTo4at

— vx-underground (@vxunderground) May 16, 2026

GitHub - Nightmare-Eclipse/MiniPlasma: CVE-2020-17103 was apparently not patched or the patch was reversed, regardless this is the PoC for an LPE in cldflt.sys · GitHub

CVE-2020-17103 was apparently not patched or the patch was reversed, regardless this is the PoC for an LPE in cldflt.sys - Nightmare-Eclipse/MiniPlasma


In a rare direct attack on Anthropic by a leading Chinese AI lab, Moonshot president Zhang Yutong said that Anthropic's decision to limit release of its Mythos model to a small group of companies and governments was likely more dangerous for the world. https://t.co/Ysg3RCE1C2…

— Vincent Chow (@vince_chow1) May 15, 2026

AI | Anthropic’s plea for US to grow its AI edge over China is ‘irresponsible’: analysts | South China Morning Post

American firm’s warning about China’s tech capability seen by some as fearmongering as hopes of bilateral cooperation on AI safety rise.


🚨 New from our team at Google Threat Intelligence Group: "Welcome to BlackFile: Inside a Vishing Extortion Operation" #UNC6671 is one of the most prolific and underreported cybercrime actors of 2026, targeting dozens of orgs across the US, Canada, Australia, and the UK. 🧵 pic.twitter.com/QFu27xjIAM

— Austin Larsen (@AustinLarsen_) May 15, 2026


Exclusive: Fast16 malware has raised questions about what it was designed to do. Researchers at @symantec finally confirm that it was subverting software used to simulate nuclear weapons explosions. Nuclear experts tell me Iran was the likely target https://t.co/oZf609ESSL

— Kim Zetter (@KimZetter) May 16, 2026

Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran

Fast16 didn't predate Stuxnet but was contemporaneous with it. It also wasn't aimed at altering nuclear weapons but was simply feeding false data to engineers about the nuclear detonation tests they were conducting, in order to trick them into believing the tests were failing.


Microsoft Edge's Enhanced Security Mode was designed to be the ultimate defense when browsing unfamiliar websites.

Zellic researchers @eternalsakura13 and R1nd0 found 23 RCEs in it.

Their target? DrumBrake, Microsoft's WebAssembly interpreter.

The irony? This security feature… https://t.co/P0dMMqYkGJ

— Zellic (@zellic_io) May 15, 2026


Very interesting discovery & assessment: Iran’s MuddyWater APT observed using Chaos Ransomware.

One key piece of context the R7 blog missed, however, is that MuddyWater has been around a long time and was found to use Thanos ransomware several years ago: https://t.co/TQ9RF8ql10 https://t.co/acQ5KAhgt8

— Will (@BushidoToken) May 15, 2026

https://www.clearskysec.com/operation-quicksand/


[1] Our exp works on every system we have in hand and it works with an almost 100% success rate, we didn’t test it on the mbp m5 bare metal that pwn2own use because of a chain of real life exploit in which our exp was pwned. https://t.co/atX5q6xe1f

— Tao Yan (@ga1ois) May 15, 2026


Stop pretending...

No OS has been truly able to isolate users, or turn a light sandbox into a real security barrier, for decades.

Yes, use them. Same reason you close the door every day: less noise and dirt. https://t.co/KkAgMNQZvN

— Juliano Rizzo (@julianor) May 15, 2026


first of all, i'm not a fan of most security benchmarks, they're usually unrealistic, but this one definitely isn't. the idea here is to give the model v8 patches, source and ask it to generate a full exploit chain.

also it's from the pro @0x10n (current #1 on google…

— s1r1us (mohan) (@S1r1u5_) May 15, 2026

https://exploitbench.ai/


seems twitter missed the ExploitBench paper? few observations:

we finally got good data on Mythos security capabilities and it's very impressive.

Mythos got full exploit chain on 18/41 v8 n-days, while gpt 5.5 only got 1 and open source models are mostly useless. pic.twitter.com/n3JSXUewUG

— s1r1us (mohan) (@S1r1u5_) May 15, 2026


One of our security researchers demonstrated a local root shell on Linux using a page-cache poisoning primitive in AF_RXRPC’s RxGK path.

We call it DirtyCBC: a sibling to DirtyFrag in the broader CopyFail / DirtyFrag / Fragnesia family. The issue is fixed on mainline.
The… pic.twitter.com/lO7XOR5vYb

— Caleb Fenton (@caleb_fenton) May 16, 2026

DirtyCBC: When Linux Kernel Decrypt-Before-MAC Turns Authenticated Encryption Into a Page-Cache Write → Delphos Labs

Linux kernel page-cache poisoning via AES-256 chosen-plaintext on the RxGK RESPONSE path and why authenticated encryption did not stop it.


Symantec has published its follow-up report on the advanced malware that was recently made public under the name Fast16.
The report states that, based on technical evidence, the main target of this malware was almost certainly the manipulation of uranium explosion simulation calculations, and Iran's nuclear program.… pic.twitter.com/onYxrmPzXr

— Hamid Kashfi (@hkashfi) May 16, 2026

Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations | SECURITY.COM

New analysis confirms the targeted applications and reveals fast16 was tailored to corrupt uranium-compression simulations central to nuclear weapon design.

shadowbrokers-exploits/windows/Resources/Ep/drv_list.txt at master · DonnchaC/shadowbrokers-exploits · GitHub

Mirror of Shadowbrokers release from https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation - DonnchaC/shadowbrokers-exploits


Offensivecon is coming to Tokyo! 🔗 https://t.co/VGZ1shw2b1

Ticket shop, sponsorships and CFP are already open... pic.twitter.com/CiprlwaeGT

— offensivecon (@offensive_con) May 16, 2026

https://www.offensivecon.jp/
