"I'm interested in all kinds of astronomy."

RE: https://mastodon.art/@lurnoise/114993216415771245

Hi! You should hire me for stuff, not only do I draw pretty neatly but I'm also very kind and easy to work with and always hit the deadlines <3


What You Need to Know: Windows Admin Center Remote Privilege Escalation (CVE-2026-26119) https://www.semperis.com/blog/what-you-need-to-know-windows-admin-center-remote-privilege-escalation-cve-2026-26119/

[RSS] Windows stack limit checking retrospective: Alpha AXP

https://devblogs.microsoft.com/oldnewthing/20260318-00/?p=112146

Almost 7 years of silence.
Today, that changes.
March 23, 2026.
Follow to be among the first to know:
https://www.corelan.be/index.php/contact
Tick tock. It’s coming.


Electromagnetic Field

Our Call for Participation is now live!

If you have a talk, workshop, performance, or installation you'd like to bring to EMF, you can now submit it here:

https://www.emfcamp.org/cfp

Accepted proposals are guaranteed the chance to buy a ticket!


ℹ️❤️🖥 aka Compy-chan

Sums up my experience growing up

The `left-pad` incident was 10 years ago today.

https://en.wikipedia.org/wiki/Npm_left-pad_incident

Thankfully, we've completely solved software supply chains in the years since.

[RSS] LLVM Adventures: Fuzzing Apache Modules

https://pwner.gg/blog/2026-03-20-apatchy

looks like anthropic got rid of the claude refusal triggering string :(


This is my analysis (and PoC) for CVE-2026-20817, a privilege escalation in the Windows Error Reporting service.

👉 https://itm4n.github.io/cve-2026-20817-wersvc-eop/

Credit goes to Denis Faiustov and Ruslan Sayfiev for the discovery.

TL;DR A low privilege user could send an ALPC message to the WER service and coerce it to start a WerFault.exe process as SYSTEM with user-controlled arguments and options. I did not achieve arbitrary code execution, but perhaps someone knows how this can be done? 🤷‍♂️


Has anyone ever heard of a security breach of a FedRAMP moderate or higher authorized environment? I mean the parts that are authorized.

#techno #music #acid

Does anyone know where to find more info on the surveillance economy online? I was looking for an update on the unfortunate Debora Silvestri who crashed so badly yesterday, and of course, was met with "We value your privacy" banner where I could consent to giving away… something?

The Privacy Policy talks about two cookies - both Google Analytics, and two partners for gaining "audience insights". The actual cookie pop-up lists 1.709 (!) so-called "partners", many with "legitimate interest". Basically all these are companies nobody has ever heard of.

I know I'm leaking info like IP-address, browser and device details. What I can't understand is how all these 1.709 little leeches can possibly deliver enough value and generate revenue based on this information. Who pays them, and for what?

Thanks!


We’ve always had a problem with least privilege, but users needed to be owned for it to visibly hurt the enterprise.

Kevin didn’t know what to do with the extra creds, but his agent will.

Maybe the first run of the “paperclip” problem will be agents wiping shares to save us..

Edited 1 month ago

Okay these "Background Security Improvements" are definitely worse than RSRs. They show up at random times in your Settings app, and if you tap anywhere else, they disappear immediately. You can find them again, but they're not under Software Updates where they should be, but under Privacy & Security > Background Security Improvements, which also does not seem to show up in search.

EDIT: HOLY SHIT I have to enable "Automatically Install" in order to even be allowed to download them MANUALLY?! And there's no progress indicator either?? Whoever approved this should be hurled into the sea.

Fixing a Buffer Overflow in UNIX v4 Like It’s 1973

https://sigma-star.at/blog/2025/12/unix-v4-buffer-overflow/

Exploit su on a PDP-11 :)