Security Digest - May 6, 2026

Daily security intelligence briefing for infrastructure and endpoint management teams. Consolidated from authoritative research, vendor advisories, and community discussions.

• Generated (UTC): 2026-05-06 15:59:02 +00:00
• Lookback window: 7 days

🚀 Top Research & Advisories

• Evaluating Microsoft 365 vs Third‑Party Tools for Email and Endpoint Security - (Reddit r/cybersecurity) We are reassessing our organization’s security posture for both email and endpoint protection. At the moment, our endpoints that handle critical data are running Trend Micro and ThreatDown (Malwarebytes). We are considering a shift toward a Microsoft…

  Action: Review CA/MFA settings for tightening opportunities. Review security controls and policy updates.

• Palo Alto Firewall Zero-Day Under Active Exploitation - (Reddit r/cybersecurity) submitted by /u/Big-Engineering-9365 [link] [comments]

  Action: Review security controls and policy updates. Review VPN client version and deployment.

• Palo Alto Networks warns of firewall RCE zero-day exploited in attacks - (BleepingComputer) System.Xml.XmlElement

  Action: Review security controls and policy updates. Review VPN client version and deployment.

• We scanned 200 high-star MCP servers. 205 critical findings. Here are 4 novel attack classes. - (Reddit r/cybersecurity) MCP (Model Context Protocol) is the standard for connecting LLMs to external tools. It's growing fast — 3,199 public servers on GitHub and npm right now, 199 with over 1,000 stars. We built a static analyzer, cloned the top 20 Python repos, and r…

  Action: Confirm Adobe exposure; push updated deployment.

💻 AppSec

• Cybersecurity & Digital Trust Engineer looking for a Master’s in Austria – Career & Work-Study advice? - (Reddit r/cybersecurity) Monitor developer tool vulnerabilities and supply chain risks.

🏗 Infrastructure

• Server 2025 lsass leak. Anyone else with the same issue? - (Reddit r/sysadmin) Review server hardening and AD security posture.

• Windows 11 Pro – 60s “Please wait” before login screen after domain join (fixed in Dev Insider build?) - (Reddit r/sysadmin) Evaluate update rings and expedite actions if needed. Review server hardening and AD security posture. Validate workstation security baseline and update compliance.

• Windows Defender (MsMpEng.exe) crashing randomly on Windows Server - (Reddit r/sysadmin) Review security controls and policy updates. Review server hardening and AD security posture.

🛡 Security Ops

• Azure AD Conditional Access Bypassed Via Phantom Device Registration and PRT Abuse - (CybersecurityNews) Review CA/MFA settings for tightening opportunities.

• Hackers Use Microsoft Teams to Steal Credentials and Manipulate MFA - (CybersecurityNews) Review CA/MFA settings for tightening opportunities.

🛠 Infrastructure & Endpoint Control

• Ask Microsoft to bring back the suggestion list for file tag metadata on Windows 11 - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• CyberSecurity Nightmares - (Reddit r/cybersecurity) Review security controls and policy updates.

• Developing a cross-process reader/writer lock with limited readers, part 3: Fairness - (The Old New Thing) Confirm Adobe exposure; push updated deployment.

• Developing a cross-process reader/writer lock with limited readers, part 4: Abandonment - (The Old New Thing) Confirm Adobe exposure; push updated deployment.

• Edge may reportedly leak all your passwords easily and Microsoft says it’s “by design” - (Neowin) Validate Edge/WebView2 coverage; refresh managed package.

• first [windows 11] rice - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Google Chrome is reportedly auto-installing a massive 4GB AI model without your consent - (Neowin) Validate Chrome coverage; update managed package if needed.

• Is StartAllBack free version safe to custiomize windows 11 - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Laptop Middle Click in Windows 11. - (Reddit r/Windows11) Validate Chrome coverage; update managed package if needed. Validate workstation security baseline and update compliance.

• Linux exposes important AMD Ryzen performance feature that’s also heading to Windows 11 - (Neowin) Validate workstation security baseline and update compliance.

• Make thick window borders in Windows 11 - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Microsoft is finally turning off the MSN feed and ads in Windows 11 Widgets by default - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Microsoft says it’s keeping its promise to fix Windows 11, shares everything that’s changed since March. - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Norton Antivirus and Other Norton Software - (Reddit r/cybersecurity) Review security controls and policy updates.

• Outlook Calendar Issues - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.

• Say goodbye to the clunky Windows Task Scheduler! Check out FluentTaskScheduler V1.8.1 - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Seems like you can access internal MS settings from 365 dashboard > settings - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.

• Start Button not aligned - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• VoidStealer Malware - (Reddit r/sysadmin) Validate Chrome coverage; update managed package if needed.

• Windows 11 26H1 Build 28000.1836 - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Windows 11 Pro – 60s “Please wait” before login screen after domain join (fixed in Dev Insider build?) - (Reddit r/sysadmin) Evaluate update rings and expedite actions if needed. Review server hardening and AD security posture. Validate workstation security baseline and update compliance.

• Windows Defender (MsMpEng.exe) crashing randomly on Windows Server - (Reddit r/sysadmin) Review security controls and policy updates. Review server hardening and AD security posture.

🩹 Patch Tuesday & Update Experience

• Server 2025 lsass leak. Anyone else with the same issue? - (Reddit r/sysadmin) Im having this issue: I have since last year that my windows server 2025 DC keeps crashing/reboot after 2-5 days. I have a windows server 2019 dc and has no problem with it. The LSASS is causing this…

• Windows 11 Pro – 60s “Please wait” before login screen after domain join (fixed in Dev Insider build?) - (Reddit r/sysadmin) We’re seeing a strange and inconsistent issue with Windows 11 Pro after Active Directory domain join , and I’m curious if anyone else has encountered this. Symptoms After domain join, affected machine…

🔍 Quick Links (Watch Items)

• Cybersecurity & Digital Trust Engineer looking for a Master’s in Austria – Career & Work-Study advice? - (Reddit r/cybersecurity)
• Evaluating Microsoft 365 vs Third‑Party Tools for Email and Endpoint Security - (Reddit r/cybersecurity)
• New Fanwei E-cology10 Server Vulnerability Could Let Attackers Hijack Sessions and Steal Credentials - (CybersecurityNews)
• Would you take a promotion to work 100% in office that you’ve been working towards or same pay but work from home? - (Reddit r/cybersecurity)
• We scanned 200 high-star MCP servers. 205 critical findings. Here are 4 novel attack classes. - (Reddit r/cybersecurity)
• Salesforce Marketing Cloud Vulnerability Opened Door to Email Data Exposure - (CybersecurityNews)
• Proprietary Software, Hardware and Protocols Face AI-Driven Security Risk - (Reddit r/cybersecurity)
• Vulnerability Garden - (Reddit r/cybersecurity)
• Cyber Security Militias - (Reddit r/cybersecurity)
• CyberSecurity Nightmares - (Reddit r/cybersecurity)