CVE-2026-41091 lets a local attacker escalate to SYSTEM through Defender's Malware Protection Engine, while CVE-2026-45498 kills definition updates — patched together, federal deadline June 3.
CISA added three infrastructure CVEs to its Known Exploited Vulnerabilities catalog on May 27 — a Linux kernel local privilege escalation to root, an Ivanti EPMM authenticated RCE, and an unauthenticated out-of-bounds write in PAN-OS that also lands root.
Beta builds of the Cloudflare One client for macOS and Windows landed with a redesigned interface, and the Windows build can block all internet traffic from boot until the user authenticates.
Google issued security bulletin GCP-2026-034 for a server-side request forgery vulnerability in Apigee X that allows attackers to exfiltrate service account tokens through an unvalidated IntegrationRegion parameter.
Google shipped Guest Environment version 20260511.00 to repair a May 4–11 control plane error that accidentally removed the core plugin, disabling SSH access and password reset on affected instances.
CISA has ordered federal agencies to patch a CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN Controller and Manager by May 17, 2026, following confirmed active exploitation.
The FCEB mandatory patching deadline for CVE-2026-32202, a zero-click Windows Shell spoofing vulnerability actively exploited by APT28, falls today, May 12, 2026.
CISA's May 9 enforcement deadline for federal agencies to mitigate the actively exploited PAN-OS root-level RCE (CVE-2026-0300) arrives while Palo Alto's patch remains four days away.
Google Cloud Service Mesh now surfaces acceptance and rejection status codes for Istio API resources, letting operators see detailed error codes through resource and mesh state displays.
CNCF has published the full session schedule for KubeCon + CloudNativeCon Japan 2026, taking place July 29-30 at PACIFICO Yokohama, with registration open through June 16.
The CNCF TOC voted on May 7 to advance Microcks from Sandbox to Incubating status, recognizing its growth as a cloud-native API mocking and contract testing platform.
GitHub published a comprehensive security model for agentic workflows, covering sandboxed execution, credential isolation, and full traceability across trust boundaries.