
Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives.

The security flaw was disclosed last week by an anonymous security researcher known as ‘Nightmare Eclipse,’ who described it as a backdoor and published a proof-of-concept (PoC) exploit.

Nightmare Eclipse said that exploiting this zero-day involves placing specially crafted ‘FsTx’ files on a USB drive or EFI partition, rebooting into WinRE, and then triggering a shell with unrestricted access to the BitLocker-protected storage volume by holding down the CTRL key.

Exploit released for new PinTheft Arch Linux root escalation flaw

A recently patched Linux privilege escalation vulnerability now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems.

The vulnerability, named PinTheft by the V12 security team and still waiting to be assigned a CVE ID for easier tracking, exists in the Linux kernel’s RDS (Reliable Datagram Sockets) and was patched earlier this month.

“PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through io_uring fixed buffers,” V12 said in a Tuesday advisory.

To study how chips really work, MIT researchers built their own operating system

When security researchers want to understand what a modern processor is really doing with the kind of detail that determines whether attacks like Spectre and Meltdown are possible, they usually run their experiments on top of an operating system that was never built for the job. They open up macOS or Linux, patch the kernel by hand, and hope the modifications hold. The approach is unstable, hard to reproduce, and on Apple’s platforms, slated for deprecation.

A team at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) decided to build something different. Fractal, a new operating system kernel written from the ground up, treats the hardware itself as the object of study. Its first major use, a deep look at the branch predictors (the CPU’s way of guessing what code to run next before it knows for certain, so it doesn’t have to waste time waiting to find out) inside Apple’s M1 processor, has already turned up findings that prior work missed, including the first evidence that a class of speculative attack known as “Phantom” affects Apple Silicon.

“We’re using hardware in ways it wasn’t designed for,” says Joseph Ravichandran, the MIT PhD student who led the project. “It’s not even obvious that this is a possible thing you could do with the hardware. But we found a way to pull all these different primitives off. It’s like a microscope. If you’ve got a hand magnifying glass, you can see a little bit. But if you had an electron microscope, now we’re really talking. That’s what Fractal is. The electron microscope of operating systems.”

US federal funds awarded to spur SMR deployment

In October 2024, the US Department of Energy (DOE) — under the Joe Biden administration — opened applications for funding to support the initial domestic deployment of Generation III+ small modular reactor (SMR) technologies, with up to USD800 million to go to two “first-mover” teams, with an additional USD100 million to address so-called gaps that have hindered plant deployments. According to the solicitation documentation, a Gen III+ SMR is defined as a nuclear fission reactor that uses light water as a coolant and low-enriched uranium fuel, with a single-unit net electrical power output of 50–350 MWe, that maximises factory fabrication approaches, and the same or improved safety, security, and environmental benefits compared with current large nuclear power plant designs.

The solicitation was re-issued by the DOE in March 2025 to better align with President Donald Trump’s agenda on unleashing American energy and AI dominance.

In December last year, the DOE selected Tennessee Valley Authority (TVA) and Holtec Government Services to each receive USD400 million in federal cost-shared funding to support early deployments of advanced light-water small modular reactors in the USA. TVA’s application was selected for funding to accelerate the deployment of a GE Vernova Hitachi BWRX-300 at its Clinch River site in East Tennessee. Holtec plans to deploy two SMR-300 reactors — named Pioneer 1 and 2 — at the Palisades Nuclear Generating Station site in Michigan.

NSA Releases Hundreds of Pages of Formerly Top Secret UMBRA UAP Records After Disclosure Foundation FOIA Appeal

The National Security Agency has produced hundreds of pages of historical UAP-related records following a Freedom of Information Act appeal by the Disclosure Foundation. Many of the records were previously classified “TOP SECRET UMBRA,” one of the most sensitive classification markings associated with signals intelligence.

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026, only to be informed by the maintainers that it was a duplicate of a vulnerability that had already been patched in the mainline.

“It’s a rxgk pagecache write due to missing COW [copy-on-write] guard in rxgk_decrypt_skb,” Zellic co-founder Luna Tong (aka cts and gf_256) said in a description shared on GitHub.

Although the CVE identifier was not disclosed, the vulnerability in question is CVE-2026-31635 (CVSS score: 7.5) based on the fact that the NIST National Vulnerability Database (NVD) includes a link to the DirtyDecrypt PoC in its CVE record.

Commercial Space Economy: Space Stations, Space Data Centers, and NASA

Matthew Weinzierl and Brendan Rosseau, authors of Space to Grow, explain the commercial space economy and the role of NASA, Artemis, commercial space stations, space-based data centers, Starlink, GPS, China’s space program, national security, and space governance.

The conversation covers how governments, private companies, and investors build, fund, regulate, and compete in space, from microgravity research and launch markets to lunar exploration, space resources, and the economics of commercial space.

We also try and re-write the Space Treaty and look at the politics of the space race.

Please enjoy the show.

Thinking on Paper is a technology podcast about AI, Space, quantum computing, science, and the systems shaping the future.

🏠 Buy us a beer on Substack: https://thinkingonpaperpodcast.substa…

Take us with you on Spotify: https://open.spotify.com/show/00volKq…

🎧 Remember steve jobs on APPLE: https://podcasts.apple.com/us/podcast…

📺 Get the clips and outtakes on Instagram / thinkingonpaperpodcast

Links & Resources

Matthew: https://www.hbs.edu/faculty/Pages/pro…

Brendan: linkedin.com/in/brendan-rosseau

Buy Space To Grow: https://www.hbs.edu/faculty/Pages/ite…

Chapters

00:00 Setting The Scene
03:35 Microgravity
07:43 Economic Incentives
12:14 Political Cycles
17:09 International Collaboration
18:45 National Security in Space
21:36 Space Exploration
24:27 A Day Without Space
28:49 Space Investment
30:37 Space-Based Data Centers
33:40 Space Resources
38:26 Governance in Space
40:55 A New Space Treaty

Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.

Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.

“External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks,” Ivanti said in an advisory.
