The Security Brief

A 732-byte Python script. That is all it takes to go from an unprivileged shell to root on almost every Linux distribution shipped since 2017. The flaw, dubbed Copy Fail and tracked as CVE-2026-31431, was disclosed on 29 April by researchers from Theori and Xint after sitting unnoticed in the Linux kernel for nine years. What Happened Copy Fail is a logic bug in the Linux kernel's authencesn AEAD cryptographic template, reachable through the AF_ALG socket interface. By chaini

A single git push was all it took. On 28 April, GitHub publicly disclosed CVE-2026-3854, a CVSS 8.7 remote code execution flaw in GitHub Enterprise Server that any authenticated user with push access could trigger. The fix shipped fast. The lesson for self-hosted code platforms is harder to patch. What Happened Wiz Research found the bug on 4 March 2026 and reported it to GitHub the same day. GitHub deployed a fix to GitHub.com within hours and released patches for GitHub Ent

One researcher. Three Windows Defender zero-days. Thirteen days. That cadence has left most corporate Windows estates carrying at least one unpatched privilege escalation bug this week, with CISA ordering federal agencies to fix the first of them by 6 May. What Happened On 7 April, a proof-of-concept exploit named BlueHammer (CVE-2026-33825) was published, showing how an unprivileged local user could gain SYSTEM access on fully patched Windows 10 and Windows 11 machines. The