A quick summary of notable security stories from the past few weeks worth knowing about.

Critical Patches

Windows Print Spooler (again) — Microsoft patched another privilege escalation in the Print Spooler service this month. If you haven’t applied May’s Patch Tuesday updates, now is the time. CVE details are in the MSRC advisory.

OpenSSH pre-auth memory corruption — A heap-based buffer overflow in OpenSSH’s sshd affecting versions prior to 9.9p3. Exploitation requires specific non-default configs, but patch regardless.

Interesting Research

Browser-in-the-Browser phishing — A refresher on the BoitB technique is making the rounds after a new JavaScript toolkit surfaced that automates the attack. Good material for awareness training.

Prompt injection in agentic AI systems — Several published papers this month demonstrate reliable prompt injection in tool-calling LLM agents. Worth watching as AI tooling gets deployed in corporate environments.

Resources

  • CISA Known Exploited Vulnerabilities catalog updated with 12 new entries this month
  • The PNPT certification updated its exam objectives — good refresher for those on the practical path

Have a story or link we should include next month? Bring it to the June meeting or post in the group chat.